www-legal-discuss mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Marvin Humphrey <mar...@rectangular.com>
Subject Re: Release Policy
Date Fri, 23 May 2014 14:34:43 GMT
On Fri, May 23, 2014 at 4:53 AM, Richard Eckart de Castilho
<rec@apache.org> wrote:
> On 23.05.2014, at 13:49, Jim Jagielski <jim@jaguNET.com> wrote:
>> On May 22, 2014, at 5:04 PM, Mark Struberg <struberg@yahoo.de> wrote:
>>>> I disagree. One of the primary reasons for the release policy being
>>>> defined as it is is to provide a degree of legal protection to the
>>>> release managers.
>>> Oki this is a part which we can discuss on the legal list. But the point
>>> already got covered and answered dozens of times imo. The answer is that
>>> the ALv2 protects the foundation and also the release manager already for
>>> all bona fides cases. End of story.
>> Licenses take effect when source is *released* (distributed or
>> redistributed). So it makes sense to define what a release *is*.
> Does that imply that code that somebody copies from a version
> control system but that does not end up in a final release artifact
> is not covered by the ASL?
> Is it illegal to obtain unreleased code that is clearly marked as
> being under the ASL and to use it elsewhere (assuming that the
> rules of the ASL are obeyed)?

Code which is obtained from version control may not adhere to all of our
policies.  For example, a new codebase undergoing IP clearance in the
Incubator might have a mandatory dependency on a proprietary library.  Such a
dependency would be have to be eliminated by the first incubating release.

While we would strive to avoid it, it is possible that for transitory periods,
code in version control may violate licensing.  Perhaps an errant commit is
caught right away by a PMC member reviewing the commits list; perhaps a
problem is only detected during the additional checks performed in the run-up
to a release vote.  Such glitches are an unavoidable consequence of our choice
to participate in open development on the public internet despite the fact
that copyright law is not perfectly tuned for it.

Please note that the draft proposal floats a "TODO" item regarding formalizing
a bounded "ASF Licensing Policy" distinct from the Release Policy which
"applies to both released and unreleased code":

    ## TODO

    Formalize additional official policies and reference them from this policy:

    *   _ASF Licensing Policy_ (curated by Legal Affairs, applies to both
        released and unreleased code)
    *   _ASF Release Distribution Policy_ (curated by Infrastructure)

The phrase "both released and unreleased code" reflects my understanding of
numerous discussions that took place on this list during 2009, where the point
was raised that version control qualifies as a distribution and that licensing
kicks in on distribution rather than release.  For instance:


    Of course it is a distribution point.  Distribution == copy to someone
    else.  It isn't a release (an editorial decision by the ASF).


    That does not mean we have to be perfect every second of every day.  It
    means that we have to strive for correctness -- we must fix problems when
    they are found, and we must not intentionally create problems with
    licensing.  In any case, most of the copyright owners who license us code
    are a pretty forgiving bunch (ourselves).

Marvin Humphrey

To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
For additional commands, e-mail: legal-discuss-help@apache.org

View raw message