[legal-discuss] Trivial contributions and CLAs

Radcliffe, Mark Mark.Radcliffe at dlapiper.com
Wed Apr 23 00:22:49 UTC 2014


Mark:

I don't understand your first comment.   The OpenStack Foundation has adopted the Apache model. The Apache Software Foundation uses a CLA for all of its projects.  The OpenStack LLC also used a CLA.  The CLA has been used as long as OpenStack has been a project.  Moreover, the form of the  CLA is hardwired into the Bylaws of the Foundation.  

I also disagree with your second point. Many lawyers would feel more comfortable if the agreement is widely used because that like open source code, they believe that if many lawyers have reviewed the agreement it is likely to be acceptable.

-----Original Message-----
From: Mark McLoughlin [mailto:markmc at redhat.com] 
Sent: Tuesday, April 22, 2014 3:16 PM
To: Radcliffe, Mark
Cc: Tom Fifield; Stefano Maffulli; legal-discuss at lists.openstack.org
Subject: Re: [legal-discuss] Trivial contributions and CLAs

On Tue, 2014-04-22 at 15:28 +0000, Radcliffe, Mark wrote:
> Thanks.  The more critical issue is that we need to be sensitive to 
> our users to ensure that we have the right necessary to include the 
> "trivial contribution" in OpenStack under the Apache license. If the 
> "trivial contribution" is code is likely to be copyrightable (a very 
> low standard).  All projects require a license to the code, even if 
> they choose to use the project "license" as the license (such as 
> Linux).

I don't feel I can explain to contributors why they need to do anything other than license the code (to the world) under the Apache License in order for the contribution to be included in OpenStack under the Apache License.

> The potential contributor should be able to derive comfort from the 
> fact that hundreds of companies have signed the OpenStack CLA without 
> changes (we have never agreed to any changes and Apache has also not 
> agreed to changes in its CLA on which our CLA is based) and thousands 
> (maybe tens of thousands) have signed the Apache CLA.  My experience 
> is that many "legal" agreements are signed without legal review 
> particularly if the agreement cannot be changed, so I think that your 
> proposed scenario is not as common as you suggest.

Don't worry about this agreement you're being asked to sign with the OpenStack Foundation because many others have already signed it?

That's not an approach I feel we should be recommending to potential contributors.

Mark.


> -----Original Message-----
> From: Tom Fifield [mailto:tom at openstack.org]
> Sent: Tuesday, April 22, 2014 8:08 AM
> To: Radcliffe, Mark; Stefano Maffulli; 
> legal-discuss at lists.openstack.org
> Subject: Re: [legal-discuss] Trivial contributions and CLAs
> 
> On 22/04/14 22:53, Radcliffe, Mark wrote:
> > Why can't they sign the CLA?  IBM and HP are very sensitive to their IP and they have signed it.
> 
> This may be completely irrelevant, but I just feel like noting that 
> IBM and HP also have in-house counsel, who can probably look at these 
> things
> :) It's probably also worth their while, given the scale of their contributions.
> 
> However, picture a much smaller organisation. One without a lawyer on tap.
> 
> Picture a system administrator, having discovered a small flaw in OpenStack, and having goodwill to want to work with the community.
> 
> What happens in this case?
> 
> Three theories:
> - sysadmin asks the manager to sign the corporate CLA, who balks at 
> the legalese, and weighs up whether it's worth forking out x-hundred 
> per hour for the external counsel to merely entertain their star 
> sysadmin's pet project
> - sysadmin just signs CLA without approval from anyone in the 
> organisation
> - sysadmin gives up, assuming manager won't approve
> 
> It's late, and I may be missing several other potential outcomes to this case, but these seem like poor outcomes, which are plausibly happening more frequently than we record.
> 
> We really want to encourage these kind of users to contribute, and I don't think the big problem is being sensitive to IP.
> 
> Regards,
> 
> 
> Tom
> 
> 
> 
> 
> > -----Original Message-----
> > From: Stefano Maffulli [mailto:stefano at openstack.org]
> > Sent: Tuesday, April 22, 2014 7:35 AM
> > To: legal-discuss at lists.openstack.org
> > Subject: [legal-discuss] Trivial contributions and CLAs
> >
> > I have been notified of another very small patch that is left in a 
> > limbo, with the author not allowed to sign the CLA and the 
> > developers stuck in unknown legal territory. You can read more about 
> > it on
> >
> > https://bugs.launchpad.net/bugs/1308984
> >
> >  From what I can see, the patch is trivial and shouldn't even be copyrightable but the person spotting the issue and fixing it is not comfortable signing the CLAs. Can any other developer copy the patch and put it into our trunk? Until when is this sort of behaviour safe?
> >
> > We're getting more of these small blockers and I think it's already a problem. Having to sign a Corporate CLA and Individual CLA for a trivial patch, from an operator (whose job is to run clouds, resulting in small and rare patches, not to develop large features) can conflict with our effort to get more operators involved in OpenStack.
> >
> > I'm not sure what solutions are available. If we can't change the CLA processes easily, what else can we do to get small contributions like these?
> >
> > thanks,
> > /stef
> >
> > --
> > Ask and answer questions on https://ask.openstack.org
> >
> > _______________________________________________
> > legal-discuss mailing list
> > legal-discuss at lists.openstack.org
> > http://lists.openstack.org/cgi-bin/mailman/listinfo/legal-discuss
> > Please consider the environment before printing this email.
> >
> > The information contained in this email may be confidential and/or legally privileged. It has been sent for the sole use of the intended recipient(s). If the reader of this message is not an intended recipient, you are hereby notified that any unauthorized review, use, disclosure, dissemination, distribution, or copying of this communication, or any of its contents, is strictly prohibited. If you have received this communication in error, please reply to the sender and destroy all copies of the message. To contact us directly, send to postmaster at dlapiper.com. Thank you.
> >
> >
> > _______________________________________________
> > legal-discuss mailing list
> > legal-discuss at lists.openstack.org
> > http://lists.openstack.org/cgi-bin/mailman/listinfo/legal-discuss
> >
> 
> Please consider the environment before printing this email.
> 
> The information contained in this email may be confidential and/or legally privileged. It has been sent for the sole use of the intended recipient(s). If the reader of this message is not an intended recipient, you are hereby notified that any unauthorized review, use, disclosure, dissemination, distribution, or copying of this communication, or any of its contents, is strictly prohibited. If you have received this communication in error, please reply to the sender and destroy all copies of the message. To contact us directly, send to postmaster at dlapiper.com. Thank you.
> 
> 
> _______________________________________________
> legal-discuss mailing list
> legal-discuss at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/legal-discuss


Please consider the environment before printing this email.

The information contained in this email may be confidential and/or legally privileged. It has been sent for the sole use of the intended recipient(s). If the reader of this message is not an intended recipient, you are hereby notified that any unauthorized review, use, disclosure, dissemination, distribution, or copying of this communication, or any of its contents, is strictly prohibited. If you have received this communication in error, please reply to the sender and destroy all copies of the message. To contact us directly, send to postmaster at dlapiper.com. Thank you.


More information about the legal-discuss mailing list