On Tue, 29 Jun 2010 09:39:11 -0700 Ian Lance Taylor <i...@google.com> wrote:
> I am doing what I can. However, looking at other projects doesn't help > very much because most other projects simply don't worry about these > issues. That is, for example, why the Linux kernel was vulnerable to > the SCO lawsuit I think it makes sense to know where your patches come from, but I hate to see reasoning like this. The Linux kernel wasn't sued - IBM was sued. Some of the stuff that was vaguely named on the rare occasion when somebody at SCO could be bothered to specify anything already had a loooong paper trail behind it - read-copy-update, for example. SCO was alleging misbehavior by a large corporation which very clearly put its name behind everything it did. Anonymous contributors had nothing to do with it. It should be noted that the SCO suit caused the Linux kernel code to be put under a microscope in a way that few other projects have had to endure. The result was one mildly questionable patch from SGI which had already been removed. Despite the lack of a paper trail, the kernel's code was squeaky-clean. > (I have heard that they have since adjusted their > practices to some extent). We've gone to the "you must post under something that looks like a plausible real-world name" approach, along with a requirement for a signoff line in the patch that says you're authorized to contribute it. No paper, no ID checks. jon