[legal-discuss] Licensing options for new project (Kolla) entering big tent

Zane Bitter zbitter at redhat.com
Thu Jul 9 23:11:39 UTC 2015

On 09/07/15 16:34, Richard Fontana wrote:
> On Thu, Jul 09, 2015 at 04:08:16PM -0400, Zane Bitter wrote:
>> The by-laws require only that anything in the
>> TC Approved Release be distributed under the ASL. That said, it is
>> completely up to the TC which projects to accept into OpenStack, and it
>> would be well within its rights to reject one that e.g. could never be added
>> to the Approved Release because of an incompatible license.
> That might help explain the requirement at
> https://github.com/openstack/governance/blob/master/reference/new-projects-requirements.rst
> "Project must have no library dependencies which effectively restrict
> how the project may be distributed or deployed"
> but it should then be taken to mean "Project must have no library
> dependencies which effectively prevent the project from being
> distributed under the Apache License 2.0" (I'll assume that makes
> sense in a given context).

It also says 'or deployed', so e.g. an ASL licensed project with a 
dependency on a proprietary library would also be excluded. I read it as 
being an anti-"Open Core" provision.

It's also worth noting that the TC's 'requirements' (a) are really just 
guidelines, and (b) were most certainly not written, or even read, by 
lawyers :)

> That being so, I am not sure I understand this one
> "The proposed project uses an open source license (preferably the
> Apache v2.0 license, since it is necessary if the project wants to be
> used in an OpenStack trademark program)"
> Because, given that the OpenStack Foundation uses CLAs that give it
> the power to license out everything under the Apache License, why does
> it matter whether the proposed project is initially under an open
> source license that is not the Apache License?
> For example, suppose a new official OpenStack project is under the
> GPL. What's the obstacle to it later being included in the TC Approved
> Release? All that's necessary is for the Foundation to relicense it
> under the Apache License. Or is the concern that a (say) GPL-licensed
> project might have had a pre-OpenStack history including contributions
> from individuals or entities that are not CLA signatories?

If an OpenStack contributor (i.e. someone who had signed the ICLA) had 
also contributed to another, say GPL-licensed, project and that project 
was later adopted by OpenStack, would it follow that that person had 
consented to relicensing their GPL code to the Foundation by virtue of 
having already signed the ICLA? I don't think it would and, as you say, 
that's even assuming that all past contributors have signed the ICLA.

> Essentially I am asking - how could it be that a project could never
> be added to the Approved Release because of an incompatible license?

I don't think we're relying on the ICLAs when we adopt pre-existing code 
as much as we're relying on the license being ASL.

Are you perhaps suggesting that the CLA doesn't confer as much benefit 
as may be assumed because large initial chunks of the code in some 
projects were not licensed to the Foundation under the CLA but rather 
under the ASL?


More information about the legal-discuss mailing list