On Jan 5, 2007, at 12:43 PM, Chris Howe wrote:
Hey David (others), I want to avoid being in a potentially similar situation that Ofbiz was in prior to Apache incubation. Who owns the code that people contribute via svn? (rhetorical question follows) Prior to Apache Incubation was Open for Business a legal entity that could accept ownership? If it wasn't, I find myself in a similar situation in that ofbiz-sandbox isn't a legal entity. As far as my contributions that are OFBiz related, I don't care how others use it as long as it doesn't prevent me from using it. How can I ensure that others who post to the sandbox svn are making their commits in a similar manner?
The owner of the copyright continues to own the copyright. The Apache 2.0 license explains fairly explicitly that only a license is granted from the copyright owner to the ASF, and then from the ASF to any users of the software.
How you do this in a sandbox like you're shooting for... I really don't know! I think that's one reason the ASF sandbox is limited to committers only with CLAs on file. However, having a CLA on file with a separate organization doesn't really much for the ASF.
Since solutions provided in the sandbox have a potential to being applicable to the Apache Ofbiz project, what can be done ahead of time to ensure that someone has the ability to create a patch based on sandbox code, upload it to Apache OFBiz's JIRA and legally be able to click the "Grant license to ASF for inclusion in ASF works" radio button? Because the intention of the sandbox is to facilitate collaboration, it's likely the person creating the patch doesn't own the code he's submitting in it's entirety. I want the sandbox to supplement Apache Ofbiz's efforts and make it easier to develop solutions. I don't want contributions to have legal ramifications because of who owned the contribution when it was all in the spirit of open source. This issue isn't unique to the sandbox either. Unless Tim and the others that contributed for the shopping cart improvement are all employees of Hotwax and Tim was contributing patches as a function of Hotwax's operations, they face a similar legal question. Anil and Ashish would have potential for legal recourse later even if they don't voice objections today and even if they have iCLAs on file with the ASF as they weren't the donors of their work. I'm not saying it's a valid argument, but does at least pass the standard for a nuisance one. And if your 25 years or older in the United States, chances are you already understand the costs of a nuisance lawsuit.
At Hotwax we address this explicitly in our sub-contractor and client agreements to make sure we can contribute things back to the open source project.
This is an issue that Andy and I have been working with for years and be careful about in our contracts and such. Just be careful of doing things on a "work for hire" basis because then whoever is paying you owns the copyright and they have to contribute it to OFBiz because you don't own the copyright so you can't license it (unless you have an adequate license from them to be able to sub-license it to the ASF...).
-David
Thanks for your feedback or if you can point me to someone in the ASF who can give me a more definitive answer. Regards, Chris --- David E Jones <[EMAIL PROTECTED]> wrote:On Jan 4, 2007, at 4:43 PM, Chris Howe wrote:For those of you interested, a project for asandboxhas been approved on sourceforge.net (http://sourceforge.net/projects/ofbiz-sandbox/).Thegoal is to provide an area that you cancollaborate onideas for implementations based on Apache Open for Business. These collaborations can be from simple feature improvements, to showcasing a particular change, to complete components, to a half-bakedideathat you want to get the gist out to and letsomeonewith some more skills or time help work on. Please understand that this is currently (and depending on Apache OFBiz's interest in this side project, perhaps permanently), completely outsideofthe Apache Ofbiz project and has no relation totheASF other than simply being geeked about thecurrentand future Apache Open for Business project. Code that gets added to the ofbiz-sandbox may nevermake itinto the Apache OFBiz project. I have no controloversuch matters.Thanks for clarifying this distinction. My experience with the ASF is still somewhat limited, but form what I know so far this sort of thing is for the most part discouraged at the ASF. There is an informal "project" that is like a sandbox for ASF committers only that is meant to be a pre-incubator type of thing to explore different things and facilitate collaboration in those. Just because it's unofficial, there's certainly no problem with this from the OFBiz perspective, and we could probably even find a place for a link to on the OFBiz site or at least on Confluence. It is the intent of OFBiz that anyone can build whatever they want on top of it, and if you're interested in facilitating this, go for it!There is no level of quality necessary tocontribute.Just do your best not to wreck someone else's progress. I think the goal of anyone who would becontributingany time or code to the ofbiz-sandbox is doing sointhe spirit of open source so that others canbenefitfrom a solution they've discovered. Therefore to prevent any potential roadblocks in Apache Ofbiz adopting solutions formed in the sandbox, all contributed code will be under the Apache 2.0licenseand I suppose donated to the ASF. If anyone knows what I need to do to ensure a roadblock isn'tcreated,please let me know (collect iCLA's from potential committers, ensure Apache already has an iCLA forthepotential committer ??) As soon as I get that question answered, I'll start adding people whowantto be added to the svn commit access on the sf.net site.Before the code touches the OFBiz code base it doesn't matter, you can do manage things however you want. I wouldn't worry about CLAs until code starts moving to OFBiz, and even then if it doesn't have to go through incubation CLAs won't be needed anyway. Still, if there are large blocks of code developed by a bunch of different people the licensing issues get trickier and such things _may_ have to go through incubation to get into the OFBiz code base... When you have a bunch of fingers in a pot things do get trickier...Personally, I would prefer to use these mailinglistsfor discussion of things in the sandbox (toencouragetalk from more people), but if that is or becomesahassle for the Apache OFBiz project, just say thewordand I'll maintain a list or two off of the sf.net site.I don't think this is the best of ideas... If it relates to the development of OFBiz itself, please use the ofbiz dev mailing list. If it relates to the use of OFBiz itself, please use the ofbiz user mailing list. If it relates to the development of something that is _not_ OFBiz and it isn't a question or discussion about how to use OFBiz, using separate mailing lists would be much better. Not doing so could (will...) be very confusing, especially to people who are not up to date on all of the happenings around here. Even now I'm not comfortable sometimes with the level of opentaps discussion on the ofbiz mailing lists, but I suppose that is a natural consequence of the way things are structured in that project (not that anything that is bad or whatever), and hopefully we'll be able to distinguish things more clearly from the OFBiz side in the future (and hopefully Si will continue the same thing on the opentaps/OSS side). -David
smime.p7s
Description: S/MIME cryptographic signature
