Open Stack

On Tue, Apr 22, 2014 at 09:19:44PM -0400, Marc Ehrlich wrote:
> Most importantly it is the patent IP I think we should be worried about.  What
> if that line or two of code trivially contributed completes the steps of a
> patent claim held by the contributer's company that then makes open stack users
> infringers of that code? 

No one's argued (as far as I am aware) that contributions should enter
an OpenStack project under no legal terms; the issue has really been
whether those terms should be the CLA (or more than one CLA), or the
Apache License (or, I wondered for a while, both), and how much
formality or ceremoniality is needed for any of those things to
happen.

>  Even a trivial contribution
>  in terms of size or function can render a body of code infringing.  I think
> that one of the great benefits of the  CLA is that it addresses that scenario.

As does the Apache License. Therefore:

>  So in my view we need to think long and hard about letting companies take a
> pass on what everyone else has agreed to lest we find ourselves facing patent
>  claims based on trivial additions. 

It isn't about allowing anyone to "take a pass". Rather it's whether
the license is the CLA or the Apache License.

> Sorry if I am missing something that covers us for patents 

The Apache License, which I've been hearing people praise for years as
a superior permissive open source license because it contains a patent
license grant.

 - RF


 
> From: "Alice King" <alice at alicelkingpc.com>
> To: "'Richard Fontana'" <rfontana at redhat.com>,
> <legal-discuss at lists.openstack.org>,
> Date: 04/22/2014 08:55 PM
> Subject: Re: [legal-discuss] Trivial contributions and CLAs
> ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
> 
> 
> 
> Thank you Richard.  That helps put it in perspective.  
> 
> The process needs to permit a trusted person to exercise discretion in edge
> cases like this.  That is true of every process involving human interaction.
> The Foundation Bylaws contemplate the Board giving this kind of edge-case
> discretion to the Executive Director.
> 
> I don't see that there is much risk around intellectual property in this
> kind of contribution.  Who would make a claim?  There is a secondary risk
> that the project is viewed as being lax on IP issues generally, which would
> scare off some users.  I think this is also unlikely.  My impression is that
> the project is viewed as exercising an abundance of caution.  
> 
> The kind of participation represented by this contribution is valuable.
> Reward significantly outweighs risk.
> 
> Still on the list and felt like chiming in!  
> 
> Alice
> 
> 
> -----Original Message-----
> From: Richard Fontana [mailto:rfontana at redhat.com]
> Sent: Tuesday, April 22, 2014 7:32 PM
> To: legal-discuss at lists.openstack.org
> Subject: Re: [legal-discuss] Trivial contributions and CLAs
> 
> For anyone on this list not accustomed to looking at such things, I think it
> might be interesting to point out what this patch actually is and what
> Stefano means by triviality (even though the CLA may not be the relevant
> issue in this instance, the issue of contribution process around trivial
> patches is the larger issue that Stefano was raising):
> 
> The patch would cause one existing line in one file:
> 
>    options = sorted([(ip.id, ip.ip) for ip in ips if not ip.port_id])
> 
> to be replaced with this:
>    
>    options = sorted([(ip.id, ip.ip) for ip in ips if not ip.port_id],
> key=lambda ip: ip[1])
> 
> That is: all this patch does is add the following text to one line of a
> file:
>  ", key=lambda ip: ip[1]"
> The file itself contains about ~100 lines of code, and Horizon, the relevant
> project, contains, I believe, about 2000 files.
> 
> - RF
> 
> 
> Stefano wrote:
> > I have been notified of another very small patch that is left in a
> > limbo, with the author not allowed to sign the CLA and the developers
> > stuck in unknown legal territory. You can read more about it on
> >
> > https://bugs.launchpad.net/bugs/1308984
> >
> >  From what I can see, the patch is trivial and shouldn't even be
> copyrightable but the person spotting the issue and fixing it is not
> comfortable signing the CLAs. Can any other developer copy the patch and put
> it into our trunk? Until when is this sort of behaviour safe?
> >
> > We're getting more of these small blockers and I think it's already a
> problem. Having to sign a Corporate CLA and Individual CLA for a trivial
> patch, from an operator (whose job is to run clouds, resulting in small and
> rare patches, not to develop large features) can conflict with our effort to
> get more operators involved in OpenStack.
> >
> > I'm not sure what solutions are available. If we can't change the CLA
> processes easily, what else can we do to get small contributions like these?
> 
> 
> _______________________________________________
> legal-discuss mailing list
> legal-discuss at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/legal-discuss
> 
> 
> _______________________________________________
> legal-discuss mailing list
> legal-discuss at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/legal-discuss
> 
>