On Tue, Apr 22, 2014 at 09:19:44PM -0400, Marc Ehrlich wrote:
Most importantly it is the patent IP I think we should be worried about. What if that line or two of code trivially contributed completes the steps of a patent claim held by the contributer's company that then makes open stack users infringers of that code?
No one's argued (as far as I am aware) that contributions should enter an OpenStack project under no legal terms; the issue has really been whether those terms should be the CLA (or more than one CLA), or the Apache License (or, I wondered for a while, both), and how much formality or ceremoniality is needed for any of those things to happen.
Even a trivial contribution in terms of size or function can render a body of code infringing. I think that one of the great benefits of the CLA is that it addresses that scenario.
As does the Apache License. Therefore:
So in my view we need to think long and hard about letting companies take a pass on what everyone else has agreed to lest we find ourselves facing patent claims based on trivial additions.
It isn't about allowing anyone to "take a pass". Rather it's whether the license is the CLA or the Apache License.
Sorry if I am missing something that covers us for patents
The Apache License, which I've been hearing people praise for years as a superior permissive open source license because it contains a patent license grant. - RF
From: "Alice King" <alice@alicelkingpc.com> To: "'Richard Fontana'" <rfontana@redhat.com>, <legal-discuss@lists.openstack.org>, Date: 04/22/2014 08:55 PM Subject: Re: [legal-discuss] Trivial contributions and CLAs ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Thank you Richard. That helps put it in perspective.
The process needs to permit a trusted person to exercise discretion in edge cases like this. That is true of every process involving human interaction. The Foundation Bylaws contemplate the Board giving this kind of edge-case discretion to the Executive Director.
I don't see that there is much risk around intellectual property in this kind of contribution. Who would make a claim? There is a secondary risk that the project is viewed as being lax on IP issues generally, which would scare off some users. I think this is also unlikely. My impression is that the project is viewed as exercising an abundance of caution.
The kind of participation represented by this contribution is valuable. Reward significantly outweighs risk.
Still on the list and felt like chiming in!
Alice
-----Original Message----- From: Richard Fontana [mailto:rfontana@redhat.com] Sent: Tuesday, April 22, 2014 7:32 PM To: legal-discuss@lists.openstack.org Subject: Re: [legal-discuss] Trivial contributions and CLAs
For anyone on this list not accustomed to looking at such things, I think it might be interesting to point out what this patch actually is and what Stefano means by triviality (even though the CLA may not be the relevant issue in this instance, the issue of contribution process around trivial patches is the larger issue that Stefano was raising):
The patch would cause one existing line in one file:
options = sorted([(ip.id, ip.ip) for ip in ips if not ip.port_id])
to be replaced with this:
options = sorted([(ip.id, ip.ip) for ip in ips if not ip.port_id], key=lambda ip: ip[1])
That is: all this patch does is add the following text to one line of a file: ", key=lambda ip: ip[1]" The file itself contains about ~100 lines of code, and Horizon, the relevant project, contains, I believe, about 2000 files.
- RF
I have been notified of another very small patch that is left in a limbo, with the author not allowed to sign the CLA and the developers stuck in unknown legal territory. You can read more about it on
https://bugs.launchpad.net/bugs/1308984
From what I can see, the patch is trivial and shouldn't even be copyrightable but the person spotting the issue and fixing it is not comfortable signing the CLAs. Can any other developer copy the patch and put it into our trunk? Until when is this sort of behaviour safe?
We're getting more of these small blockers and I think it's already a
Stefano wrote: problem. Having to sign a Corporate CLA and Individual CLA for a trivial patch, from an operator (whose job is to run clouds, resulting in small and rare patches, not to develop large features) can conflict with our effort to get more operators involved in OpenStack.
I'm not sure what solutions are available. If we can't change the CLA
processes easily, what else can we do to get small contributions like these?
_______________________________________________ legal-discuss mailing list legal-discuss@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/legal-discuss
_______________________________________________ legal-discuss mailing list legal-discuss@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/legal-discuss