www-legal-discuss mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jim Jagielski <...@jaguNET.com>
Subject Re: When is a CCLA/ICLA required for a contributor?
Date Thu, 23 Mar 2017 12:33:42 GMT
For the ASF, an iCLA is required once one gets commit access.

Regarding the CCLA, that must be determined my the individual themselves.
There is no one, complete, all-inclusive answer other than "it depends" :)

> On Mar 22, 2017, at 5:06 PM, Rezaei, Mohammad A. <Mohammad.Rezaei@gs.com> wrote:
> Apologies if the answer to the question is obvious. After reading the
> documentation on apache.org and searching through this mailing list, I
> could not reach a definitive conclusion. I also apologize for the 
> length of this inquiry. I had a hard time making it shorter.
> Definitions: I'm only interested in a contributor, not a committer. 
> In my understanding, a committer is someone who has commit rights to an
> Apache hosted/owned repo. Everyone else who would like to affect a 
> change in an Apache hosted/owned repo is a contributor.
> I realize there are two questions here: 
> For a contributor, when is an ICLA required? 
> If an ICLA is required, when is a CCLA required?
> For the sake of brevity, I'm going to assume that if a contributor is 
> required to sign an ICLA, a CCLA would be required if they are employed 
> under plain US law and the work is in any way relatable to their 
> employer's business. I'd like to concentrate on the first question 
> (ICLA) from this point on.
> I'm basing my analysis on the following:
> (A) on this page: http://www.apache.org/licenses/
> the statement "The ASF desires that all contributors of ideas, code, 
> or documentation to any Apache projects complete, sign, and submit 
> (via fax or email) an Individual Contributor License Agreement (ICLA)"
> (B) In the thread "code without an iCLA ..."
> http://markmail.org/message/lv6vcnfqvygk2xv3
> The consensus appears to be "ICLAs are required for everything 
> that is non-trivial." (as explained by Sam Ruby). 
> (C) On this page: http://www.apache.org/dev/contributors.html
> there is no mention of any ICLA requirement. 
> (D) In the thread "Re: Requiring CLAs for all contributions"
> http://markmail.org/message/cnbxal5mheof2hmy
> Mark Thomas (mar...@apache.org) said:
> "I see lots of downsides to that policy and no upsides. 
> The issues that concern me: 
> - Unnecessary barriers to entry for new contributors 
> - Legally unnecessary 
> - Creates additional work for the secretary (not much now but if every
>    TLP and podling did this it might) 
> - Re-enforces the meme an iCLA is required to contribute at Apache 
> I'm also don't believe that an iCLA is even desired for all 
> contributions. The ALv2 provides all the legal cover we need and desire."
> (E) In the thread "Re: FAQ: CCLA Optional?"
> http://markmail.org/message/5ch6kvovjow32esk
> Henri Yandell (bay...@apache.org) said:
> "Committers sign ICLAs, contributors don't (typically - maybe a project
> has a reason for requiring contributors to sign ICLAs but I don't recall
> it being done)."
> (F) on this page: http://apache.org/foundation/how-it-works/legal.html
> 5 possible paths for incoming code is outlined.
>        1) "An existing third party project joining Apache"
>              is about projects joining ASF, so not relevant
>        2) "A large one off code contribution ... One off code donations
>              can come in through a software grant". 
>              appears to open the door for not requiring an ICLA, 
>              but a software grant.
>        3) "Repeated contributions applied directly to the source": for 
>              committers, so not relevant.
>        4) "Patches contributed via the issue trackers"
>              seems to have no ICLA requirement. No size limit 
>              is discussed.
>        5) "Patches contributed via mailing lists are expected 
>              to be simple." 
>              No ICLA requirement, but an unspecified size limit.
> (G) It also appears that different Apache projects interpret this 
>    differently:
>    http://flink.apache.org/how-to-contribute.html#submit-a-contributor-license-agreement
>      requires an ICLA -- always.
>    https://beam.apache.org/contribute/contribution-guide/#potentially-submit-contributor-license-agreement
>      "We require you to have an ICLA on file with the Apache Secretary 
>      for larger contributions only."
> The 3 possible answers for the question of ICLA requirement are analyzed
> below:
> 1) It's always required.
>   (A) is strong evidence that ICLA is always required. There is no 
>   procedure outlined for a contributor to opt-out of ASF's "desire", 
>   rendering it a requirement.
>   in (B), the distinction between trivial and non-trivial requires
>   advanced degrees in law, philosophy, and information theory; therefore,
>   any mere mortal should just sign the ICLA.
> 2) It depends...
>   In (A) the word "desire" is not the same as "require". "Desire" signals
>   a possibility to opt-out on the part of the contributor.
>   (B), the determining factor being "non-trivial". Parts of (F-5) support this.
>   (G) It may also depend on the particular project.
> 3) It's not required.
>   (C), assuming such an important matter would not simply be left off.
>   (D),(E)
>   (F-4), so long as all the work is contributed via JIRA
> Can a clear, simple answer be given to this question? I don't consider
> "It depends" to be clear or simple, unless the rules could be enforced 
> by a small piece of computer code with no room for interpretation.
> Thanks
> Moh Rezaei
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
> For additional commands, e-mail: legal-discuss-help@apache.org

To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
For additional commands, e-mail: legal-discuss-help@apache.org

View raw message