Re: Software Grants for GitHub Projects...
Matt, you're saying the same thing, except it's not one individual but two [1] (spmallette + okram) , who own the vast majority of the IP. They also claim to be in the possession of CLAs from the other contributors. The problem was not insufficient data to substantiate claims, but TMI. Secretary@ pushed back for that clear reason, the proposal for resubmission addressed that. If secretary@ will have additional concerns (including forwarding to legal@), we'll address them as they come. Hadrian [1] https://github.com/tinkerpop/tinkerpop3/graphs/contributors On 02/02/2015 09:53 AM, Matt Franklin wrote: On Mon Feb 02 2015 at 8:09:43 AM Hadrian Zbarcea hzbar...@gmail.com wrote: On 02/01/2015 03:19 PM, Benson Margulies wrote: On Sun, Feb 1, 2015 at 2:12 PM, John D. Ament johndam...@apache.org wrote: On Sun Feb 01 2015 at 1:05:10 AM Alex Harui aha...@adobe.com wrote: On 1/31/15, 9:09 AM, Benson Margulies bimargul...@gmail.com wrote: On Sat, Jan 31, 2015 at 11:32 AM, Matt Franklin m.ben.frank...@gmail.com wrote: On Sat Jan 31 2015 at 11:22:15 AM Benson Margulies bimargul...@gmail.com wrote: On Sat, Jan 31, 2015 at 10:55 AM, James Carman ja...@carmanconsulting.com wrote: Are there guidelines for these usual considerations? For all the small stuff, the safe path is to get an ICLA from each committer, and an email message positively stating an intent to donate the code. Yes, this is the safest approach; but, may not be necessary for changes that do not represent significant IP. For instance, our projects accept minor contributions through JIRA, without an ICLA. There's a critical distinction here. Once you have released a product under the Apache license, people can contribute new things to it under the terms of the license. The license has very specific language: if you take code from us, and then send us a contribution (email, JIRA, github PR, carrier pigeon) that is a derivative of what you took, you are granting the code to the Foundation. That doesn't help with the initial import of a project from github or bitbucket or Jupiter or Mars; none of those contributions met the criteria in the license of sending a contribution back to the Foundation, because the code wasn't here in the first place. Just curious, what if the code was under AL but not at Apache? The license is pretty clear about this: *5. Submission of Contributions*. Unless You explicitly state otherwise, any Contribution intentionally submitted for inclusion in the Work by You to the Licensor shall be under the terms and conditions of this License, without any additional terms or conditions. Notwithstanding the above, nothing herein shall supersede or modify the terms of any separate license agreement you may have executed with Licensor regarding such Contributions. So basically, anything you contribute back is assumed to be under the Apache license, unless you (the author) say otherwise or there's some other license in play (The apache license doesn't supersede other licenses). Of course you should consult with legal counsel before making any contributions though. I think to Benson's point, The ASF requires that any incoming code was put in under that license agreement or there's a SGA stating the prior license can be converted. Note the phrase, intentionally submitted for inclusion in the Work by You _to the Licensor_. Who is the licensor for a body of work not at Apache? The process has to start with a clear ownership of copyright -- the licensor. The purpose of the SGA, I think, is to get a clear answer to that question. You might be able to argue that a particular github repo is made up of an initial work with a single owner, and then contributions to it under the terms of the AL. In which case, you'd just need an SGA from that original single owner. IANAL. My understanding is that the Licensor is whomever claims to be 'it'. As long ans the claimant produces documentation to substantiate the claim that we can accept, we should be good. I don't see a need/requirement for the Licensor to necessarily be a legal organization. That is if it's not one single owner but a small group of contributors/owners, that should be ok too. My understanding is that the licensor must be able to own the copyright, thus a legal entity (company or individual). IMO, we should either take the acceptance of Tinkerpop as a Licensor to legal@ or we just ask anyone who has contributed signifiant IP to sign an ICLA with new copyright assignment. IANAL, $0.02, Hadrian - To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org For additional commands, e-mail: general-h...@incubator.apache.org - To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org For additional commands, e-mail: general-h...@incubator.apache.org
Re: Software Grants for GitHub Projects...
On Mon, Feb 2, 2015 at 4:19 PM, Hadrian Zbarcea hzbar...@gmail.com wrote: Matt, you're saying the same thing, except it's not one individual but two [1] (spmallette + okram) , who own the vast majority of the IP. They also claim to be in the possession of CLAs from the other contributors. The problem was not insufficient data to substantiate claims, but TMI. Secretary@ pushed back for that clear reason, the proposal for resubmission addressed that. If secretary@ will have additional concerns (including forwarding to legal@), we'll address them as they come. Well, the situation you describe here is about 180 degrees removed from the hypothetical that started this thread. So just about nothing written on this thread is relevant. If two people can make in conscience fill out an SGA, that's that. Hadrian [1] https://github.com/tinkerpop/tinkerpop3/graphs/contributors On 02/02/2015 09:53 AM, Matt Franklin wrote: On Mon Feb 02 2015 at 8:09:43 AM Hadrian Zbarcea hzbar...@gmail.com wrote: On 02/01/2015 03:19 PM, Benson Margulies wrote: On Sun, Feb 1, 2015 at 2:12 PM, John D. Ament johndam...@apache.org wrote: On Sun Feb 01 2015 at 1:05:10 AM Alex Harui aha...@adobe.com wrote: On 1/31/15, 9:09 AM, Benson Margulies bimargul...@gmail.com wrote: On Sat, Jan 31, 2015 at 11:32 AM, Matt Franklin m.ben.frank...@gmail.com wrote: On Sat Jan 31 2015 at 11:22:15 AM Benson Margulies bimargul...@gmail.com wrote: On Sat, Jan 31, 2015 at 10:55 AM, James Carman ja...@carmanconsulting.com wrote: Are there guidelines for these usual considerations? For all the small stuff, the safe path is to get an ICLA from each committer, and an email message positively stating an intent to donate the code. Yes, this is the safest approach; but, may not be necessary for changes that do not represent significant IP. For instance, our projects accept minor contributions through JIRA, without an ICLA. There's a critical distinction here. Once you have released a product under the Apache license, people can contribute new things to it under the terms of the license. The license has very specific language: if you take code from us, and then send us a contribution (email, JIRA, github PR, carrier pigeon) that is a derivative of what you took, you are granting the code to the Foundation. That doesn't help with the initial import of a project from github or bitbucket or Jupiter or Mars; none of those contributions met the criteria in the license of sending a contribution back to the Foundation, because the code wasn't here in the first place. Just curious, what if the code was under AL but not at Apache? The license is pretty clear about this: *5. Submission of Contributions*. Unless You explicitly state otherwise, any Contribution intentionally submitted for inclusion in the Work by You to the Licensor shall be under the terms and conditions of this License, without any additional terms or conditions. Notwithstanding the above, nothing herein shall supersede or modify the terms of any separate license agreement you may have executed with Licensor regarding such Contributions. So basically, anything you contribute back is assumed to be under the Apache license, unless you (the author) say otherwise or there's some other license in play (The apache license doesn't supersede other licenses). Of course you should consult with legal counsel before making any contributions though. I think to Benson's point, The ASF requires that any incoming code was put in under that license agreement or there's a SGA stating the prior license can be converted. Note the phrase, intentionally submitted for inclusion in the Work by You _to the Licensor_. Who is the licensor for a body of work not at Apache? The process has to start with a clear ownership of copyright -- the licensor. The purpose of the SGA, I think, is to get a clear answer to that question. You might be able to argue that a particular github repo is made up of an initial work with a single owner, and then contributions to it under the terms of the AL. In which case, you'd just need an SGA from that original single owner. IANAL. My understanding is that the Licensor is whomever claims to be 'it'. As long ans the claimant produces documentation to substantiate the claim that we can accept, we should be good. I don't see a need/requirement for the Licensor to necessarily be a legal organization. That is if it's not one single owner but a small group of contributors/owners, that should be ok too. My understanding is that the licensor must be able to own the copyright, thus a legal entity (company or individual). IMO, we should either take the acceptance of Tinkerpop as a Licensor to legal@ or we just ask anyone who has contributed signifiant IP to sign an ICLA with new copyright assignment. IANAL, $0.02, Hadrian
Re: Software Grants for GitHub Projects...
On 02/01/2015 03:19 PM, Benson Margulies wrote: On Sun, Feb 1, 2015 at 2:12 PM, John D. Ament johndam...@apache.org wrote: On Sun Feb 01 2015 at 1:05:10 AM Alex Harui aha...@adobe.com wrote: On 1/31/15, 9:09 AM, Benson Margulies bimargul...@gmail.com wrote: On Sat, Jan 31, 2015 at 11:32 AM, Matt Franklin m.ben.frank...@gmail.com wrote: On Sat Jan 31 2015 at 11:22:15 AM Benson Margulies bimargul...@gmail.com wrote: On Sat, Jan 31, 2015 at 10:55 AM, James Carman ja...@carmanconsulting.com wrote: Are there guidelines for these usual considerations? For all the small stuff, the safe path is to get an ICLA from each committer, and an email message positively stating an intent to donate the code. Yes, this is the safest approach; but, may not be necessary for changes that do not represent significant IP. For instance, our projects accept minor contributions through JIRA, without an ICLA. There's a critical distinction here. Once you have released a product under the Apache license, people can contribute new things to it under the terms of the license. The license has very specific language: if you take code from us, and then send us a contribution (email, JIRA, github PR, carrier pigeon) that is a derivative of what you took, you are granting the code to the Foundation. That doesn't help with the initial import of a project from github or bitbucket or Jupiter or Mars; none of those contributions met the criteria in the license of sending a contribution back to the Foundation, because the code wasn't here in the first place. Just curious, what if the code was under AL but not at Apache? The license is pretty clear about this: *5. Submission of Contributions*. Unless You explicitly state otherwise, any Contribution intentionally submitted for inclusion in the Work by You to the Licensor shall be under the terms and conditions of this License, without any additional terms or conditions. Notwithstanding the above, nothing herein shall supersede or modify the terms of any separate license agreement you may have executed with Licensor regarding such Contributions. So basically, anything you contribute back is assumed to be under the Apache license, unless you (the author) say otherwise or there's some other license in play (The apache license doesn't supersede other licenses). Of course you should consult with legal counsel before making any contributions though. I think to Benson's point, The ASF requires that any incoming code was put in under that license agreement or there's a SGA stating the prior license can be converted. Note the phrase, intentionally submitted for inclusion in the Work by You _to the Licensor_. Who is the licensor for a body of work not at Apache? The process has to start with a clear ownership of copyright -- the licensor. The purpose of the SGA, I think, is to get a clear answer to that question. You might be able to argue that a particular github repo is made up of an initial work with a single owner, and then contributions to it under the terms of the AL. In which case, you'd just need an SGA from that original single owner. IANAL. My understanding is that the Licensor is whomever claims to be 'it'. As long ans the claimant produces documentation to substantiate the claim that we can accept, we should be good. I don't see a need/requirement for the Licensor to necessarily be a legal organization. That is if it's not one single owner but a small group of contributors/owners, that should be ok too. IANAL, $0.02, Hadrian - To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org For additional commands, e-mail: general-h...@incubator.apache.org
Re: Software Grants for GitHub Projects...
On Mon Feb 02 2015 at 8:09:43 AM Hadrian Zbarcea hzbar...@gmail.com wrote: On 02/01/2015 03:19 PM, Benson Margulies wrote: On Sun, Feb 1, 2015 at 2:12 PM, John D. Ament johndam...@apache.org wrote: On Sun Feb 01 2015 at 1:05:10 AM Alex Harui aha...@adobe.com wrote: On 1/31/15, 9:09 AM, Benson Margulies bimargul...@gmail.com wrote: On Sat, Jan 31, 2015 at 11:32 AM, Matt Franklin m.ben.frank...@gmail.com wrote: On Sat Jan 31 2015 at 11:22:15 AM Benson Margulies bimargul...@gmail.com wrote: On Sat, Jan 31, 2015 at 10:55 AM, James Carman ja...@carmanconsulting.com wrote: Are there guidelines for these usual considerations? For all the small stuff, the safe path is to get an ICLA from each committer, and an email message positively stating an intent to donate the code. Yes, this is the safest approach; but, may not be necessary for changes that do not represent significant IP. For instance, our projects accept minor contributions through JIRA, without an ICLA. There's a critical distinction here. Once you have released a product under the Apache license, people can contribute new things to it under the terms of the license. The license has very specific language: if you take code from us, and then send us a contribution (email, JIRA, github PR, carrier pigeon) that is a derivative of what you took, you are granting the code to the Foundation. That doesn't help with the initial import of a project from github or bitbucket or Jupiter or Mars; none of those contributions met the criteria in the license of sending a contribution back to the Foundation, because the code wasn't here in the first place. Just curious, what if the code was under AL but not at Apache? The license is pretty clear about this: *5. Submission of Contributions*. Unless You explicitly state otherwise, any Contribution intentionally submitted for inclusion in the Work by You to the Licensor shall be under the terms and conditions of this License, without any additional terms or conditions. Notwithstanding the above, nothing herein shall supersede or modify the terms of any separate license agreement you may have executed with Licensor regarding such Contributions. So basically, anything you contribute back is assumed to be under the Apache license, unless you (the author) say otherwise or there's some other license in play (The apache license doesn't supersede other licenses). Of course you should consult with legal counsel before making any contributions though. I think to Benson's point, The ASF requires that any incoming code was put in under that license agreement or there's a SGA stating the prior license can be converted. Note the phrase, intentionally submitted for inclusion in the Work by You _to the Licensor_. Who is the licensor for a body of work not at Apache? The process has to start with a clear ownership of copyright -- the licensor. The purpose of the SGA, I think, is to get a clear answer to that question. You might be able to argue that a particular github repo is made up of an initial work with a single owner, and then contributions to it under the terms of the AL. In which case, you'd just need an SGA from that original single owner. IANAL. My understanding is that the Licensor is whomever claims to be 'it'. As long ans the claimant produces documentation to substantiate the claim that we can accept, we should be good. I don't see a need/requirement for the Licensor to necessarily be a legal organization. That is if it's not one single owner but a small group of contributors/owners, that should be ok too. My understanding is that the licensor must be able to own the copyright, thus a legal entity (company or individual). IMO, we should either take the acceptance of Tinkerpop as a Licensor to legal@ or we just ask anyone who has contributed signifiant IP to sign an ICLA with new copyright assignment. IANAL, $0.02, Hadrian - To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org For additional commands, e-mail: general-h...@incubator.apache.org
Re: Software Grants for GitHub Projects...
On Sun Feb 01 2015 at 1:05:10 AM Alex Harui aha...@adobe.com wrote: On 1/31/15, 9:09 AM, Benson Margulies bimargul...@gmail.com wrote: On Sat, Jan 31, 2015 at 11:32 AM, Matt Franklin m.ben.frank...@gmail.com wrote: On Sat Jan 31 2015 at 11:22:15 AM Benson Margulies bimargul...@gmail.com wrote: On Sat, Jan 31, 2015 at 10:55 AM, James Carman ja...@carmanconsulting.com wrote: Are there guidelines for these usual considerations? For all the small stuff, the safe path is to get an ICLA from each committer, and an email message positively stating an intent to donate the code. Yes, this is the safest approach; but, may not be necessary for changes that do not represent significant IP. For instance, our projects accept minor contributions through JIRA, without an ICLA. There's a critical distinction here. Once you have released a product under the Apache license, people can contribute new things to it under the terms of the license. The license has very specific language: if you take code from us, and then send us a contribution (email, JIRA, github PR, carrier pigeon) that is a derivative of what you took, you are granting the code to the Foundation. That doesn't help with the initial import of a project from github or bitbucket or Jupiter or Mars; none of those contributions met the criteria in the license of sending a contribution back to the Foundation, because the code wasn't here in the first place. Just curious, what if the code was under AL but not at Apache? The license is pretty clear about this: *5. Submission of Contributions*. Unless You explicitly state otherwise, any Contribution intentionally submitted for inclusion in the Work by You to the Licensor shall be under the terms and conditions of this License, without any additional terms or conditions. Notwithstanding the above, nothing herein shall supersede or modify the terms of any separate license agreement you may have executed with Licensor regarding such Contributions. So basically, anything you contribute back is assumed to be under the Apache license, unless you (the author) say otherwise or there's some other license in play (The apache license doesn't supersede other licenses). Of course you should consult with legal counsel before making any contributions though. I think to Benson's point, The ASF requires that any incoming code was put in under that license agreement or there's a SGA stating the prior license can be converted. John -Alex - To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org For additional commands, e-mail: general-h...@incubator.apache.org
Re: Software Grants for GitHub Projects...
On Sun, Feb 1, 2015 at 2:12 PM, John D. Ament johndam...@apache.org wrote: On Sun Feb 01 2015 at 1:05:10 AM Alex Harui aha...@adobe.com wrote: On 1/31/15, 9:09 AM, Benson Margulies bimargul...@gmail.com wrote: On Sat, Jan 31, 2015 at 11:32 AM, Matt Franklin m.ben.frank...@gmail.com wrote: On Sat Jan 31 2015 at 11:22:15 AM Benson Margulies bimargul...@gmail.com wrote: On Sat, Jan 31, 2015 at 10:55 AM, James Carman ja...@carmanconsulting.com wrote: Are there guidelines for these usual considerations? For all the small stuff, the safe path is to get an ICLA from each committer, and an email message positively stating an intent to donate the code. Yes, this is the safest approach; but, may not be necessary for changes that do not represent significant IP. For instance, our projects accept minor contributions through JIRA, without an ICLA. There's a critical distinction here. Once you have released a product under the Apache license, people can contribute new things to it under the terms of the license. The license has very specific language: if you take code from us, and then send us a contribution (email, JIRA, github PR, carrier pigeon) that is a derivative of what you took, you are granting the code to the Foundation. That doesn't help with the initial import of a project from github or bitbucket or Jupiter or Mars; none of those contributions met the criteria in the license of sending a contribution back to the Foundation, because the code wasn't here in the first place. Just curious, what if the code was under AL but not at Apache? The license is pretty clear about this: *5. Submission of Contributions*. Unless You explicitly state otherwise, any Contribution intentionally submitted for inclusion in the Work by You to the Licensor shall be under the terms and conditions of this License, without any additional terms or conditions. Notwithstanding the above, nothing herein shall supersede or modify the terms of any separate license agreement you may have executed with Licensor regarding such Contributions. So basically, anything you contribute back is assumed to be under the Apache license, unless you (the author) say otherwise or there's some other license in play (The apache license doesn't supersede other licenses). Of course you should consult with legal counsel before making any contributions though. I think to Benson's point, The ASF requires that any incoming code was put in under that license agreement or there's a SGA stating the prior license can be converted. Note the phrase, intentionally submitted for inclusion in the Work by You _to the Licensor_. Who is the licensor for a body of work not at Apache? The process has to start with a clear ownership of copyright -- the licensor. The purpose of the SGA, I think, is to get a clear answer to that question. You might be able to argue that a particular github repo is made up of an initial work with a single owner, and then contributions to it under the terms of the AL. In which case, you'd just need an SGA from that original single owner. IANAL. John -Alex - To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org For additional commands, e-mail: general-h...@incubator.apache.org - To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org For additional commands, e-mail: general-h...@incubator.apache.org
Software Grants for GitHub Projects...
Is there a standard within the incubator about how we go about getting the appropriate forms filled out when we want to incubate a project from GitHub? GitHub fosters a sort of fly-by contribution model (and that's a good thing), but it makes donating the code a bit troublesome, because we need to make sure that all (to a certain degree?) of the contributors do, in fact want to donate the code they contributed to the foundation. Note that this problem isn't necessarily unique to GitHub, but Git itself somewhat highlights the issue because contributions from outside parties (pull requests) do maintain metadata about their original authors. With SVN, typically someone with karma has to do the commit and it gets tagged with their identity, so the audit trail goes cold (comments can contain attributions, but that's hard to report on). Anyway, just looking for some guidance here. We are trying to move TinkerPop forward and how exactly we go about getting the forms filled out properly is somewhat of a blocker. Thanks, James Carman, Assistant Secretary Apache Software Foundation - To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org For additional commands, e-mail: general-h...@incubator.apache.org
Re: Software Grants for GitHub Projects...
Are there guidelines for these usual considerations? On Saturday, January 31, 2015, Benson Margulies bimargul...@gmail.com wrote: On Sat, Jan 31, 2015 at 8:44 AM, James Carman ja...@carmanconsulting.com javascript:; wrote: Is there a standard within the incubator about how we go about getting the appropriate forms filled out when we want to incubate a project from GitHub? GitHub fosters a sort of fly-by contribution model (and that's a good thing), but it makes donating the code a bit troublesome, because we need to make sure that all (to a certain degree?) of the contributors do, in fact want to donate the code they contributed to the foundation. Simple answer: no. It is up to you to get ICLA/CCLA/SGA as appropriate for all contributors based on the usual considerations of contribution size, copyright ownership, and provenance clarity. if you have some stray commits that you can't cover, you can either reimplement, or make an argument that are below the threshold of concern. The github metadata helps a bit, but since you have no guarantee that the committer is the author, there's no possible way to see this as automated. The fact that code is published under the AL does _not_ make it automatically code that you can pull in no matter what else. We require a positive intent to contribute the code to the foundation. Note that this problem isn't necessarily unique to GitHub, but Git itself somewhat highlights the issue because contributions from outside parties (pull requests) do maintain metadata about their original authors. With SVN, typically someone with karma has to do the commit and it gets tagged with their identity, so the audit trail goes cold (comments can contain attributions, but that's hard to report on). Anyway, just looking for some guidance here. We are trying to move TinkerPop forward and how exactly we go about getting the forms filled out properly is somewhat of a blocker. Thanks, James Carman, Assistant Secretary Apache Software Foundation - To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org javascript:; For additional commands, e-mail: general-h...@incubator.apache.org javascript:; - To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org javascript:; For additional commands, e-mail: general-h...@incubator.apache.org javascript:;
Re: Software Grants for GitHub Projects...
On Sat, Jan 31, 2015 at 10:55 AM, James Carman ja...@carmanconsulting.com wrote: Are there guidelines for these usual considerations? (Queue Marvin on the subject of documentation.) http://www.apache.org/licenses/ My understanding: when a significant body of code arrives all at once, the Foundation desires an SGA. That, however, assumes that one legal entity is granting the license to the whole thing. So, if you have a github repo whose contents are assembled of a uniform distribution of small contributions, there would be no point to an SGA. If, on the other hand, the histogram of contribution size versus copyright holder indicated that some copyright owners contributed 'significant' bodies of code, then SGAs from those entities might be called for. There is no established law that allows the Foundation to set hard criteria in terms of lines of code, so this has to be a judgement call, and people sometimes call upon the VP, Legal for assistance in making those judgement calls. For all the small stuff, the safe path is to get an ICLA from each committer, and an email message positively stating an intent to donate the code. Note that copyright still stays with them; they are granting a license, but we also require that code that 'moves into' Apache some with some expression of positive intent on the part of the author/copyright owner. On Saturday, January 31, 2015, Benson Margulies bimargul...@gmail.com wrote: On Sat, Jan 31, 2015 at 8:44 AM, James Carman ja...@carmanconsulting.com javascript:; wrote: Is there a standard within the incubator about how we go about getting the appropriate forms filled out when we want to incubate a project from GitHub? GitHub fosters a sort of fly-by contribution model (and that's a good thing), but it makes donating the code a bit troublesome, because we need to make sure that all (to a certain degree?) of the contributors do, in fact want to donate the code they contributed to the foundation. Simple answer: no. It is up to you to get ICLA/CCLA/SGA as appropriate for all contributors based on the usual considerations of contribution size, copyright ownership, and provenance clarity. if you have some stray commits that you can't cover, you can either reimplement, or make an argument that are below the threshold of concern. The github metadata helps a bit, but since you have no guarantee that the committer is the author, there's no possible way to see this as automated. The fact that code is published under the AL does _not_ make it automatically code that you can pull in no matter what else. We require a positive intent to contribute the code to the foundation. Note that this problem isn't necessarily unique to GitHub, but Git itself somewhat highlights the issue because contributions from outside parties (pull requests) do maintain metadata about their original authors. With SVN, typically someone with karma has to do the commit and it gets tagged with their identity, so the audit trail goes cold (comments can contain attributions, but that's hard to report on). Anyway, just looking for some guidance here. We are trying to move TinkerPop forward and how exactly we go about getting the forms filled out properly is somewhat of a blocker. Thanks, James Carman, Assistant Secretary Apache Software Foundation - To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org javascript:; For additional commands, e-mail: general-h...@incubator.apache.org javascript:; - To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org javascript:; For additional commands, e-mail: general-h...@incubator.apache.org javascript:; - To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org For additional commands, e-mail: general-h...@incubator.apache.org
Re: Software Grants for GitHub Projects...
On Sat Jan 31 2015 at 11:22:15 AM Benson Margulies bimargul...@gmail.com wrote: On Sat, Jan 31, 2015 at 10:55 AM, James Carman ja...@carmanconsulting.com wrote: Are there guidelines for these usual considerations? (Queue Marvin on the subject of documentation.) http://www.apache.org/licenses/ My understanding: when a significant body of code arrives all at once, the Foundation desires an SGA. That, however, assumes that one legal entity is granting the license to the whole thing. So, if you have a github repo whose contents are assembled of a uniform distribution of small contributions, there would be no point to an SGA. If, on the other hand, the histogram of contribution size versus copyright holder indicated that some copyright owners contributed 'significant' bodies of code, then SGAs from those entities might be called for. There is no established law that allows the Foundation to set hard criteria in terms of lines of code, so this has to be a judgement call, and people sometimes call upon the VP, Legal for assistance in making those judgement calls. For all the small stuff, the safe path is to get an ICLA from each committer, and an email message positively stating an intent to donate the code. Yes, this is the safest approach; but, may not be necessary for changes that do not represent significant IP. For instance, our projects accept minor contributions through JIRA, without an ICLA. Note that copyright still stays with them; they are granting a license, but we also require that code that 'moves into' Apache some with some expression of positive intent on the part of the author/copyright owner. On Saturday, January 31, 2015, Benson Margulies bimargul...@gmail.com wrote: On Sat, Jan 31, 2015 at 8:44 AM, James Carman ja...@carmanconsulting.com javascript:; wrote: Is there a standard within the incubator about how we go about getting the appropriate forms filled out when we want to incubate a project from GitHub? GitHub fosters a sort of fly-by contribution model (and that's a good thing), but it makes donating the code a bit troublesome, because we need to make sure that all (to a certain degree?) of the contributors do, in fact want to donate the code they contributed to the foundation. Simple answer: no. It is up to you to get ICLA/CCLA/SGA as appropriate for all contributors based on the usual considerations of contribution size, copyright ownership, and provenance clarity. if you have some stray commits that you can't cover, you can either reimplement, or make an argument that are below the threshold of concern. The github metadata helps a bit, but since you have no guarantee that the committer is the author, there's no possible way to see this as automated. The fact that code is published under the AL does _not_ make it automatically code that you can pull in no matter what else. We require a positive intent to contribute the code to the foundation. Note that this problem isn't necessarily unique to GitHub, but Git itself somewhat highlights the issue because contributions from outside parties (pull requests) do maintain metadata about their original authors. With SVN, typically someone with karma has to do the commit and it gets tagged with their identity, so the audit trail goes cold (comments can contain attributions, but that's hard to report on). Anyway, just looking for some guidance here. We are trying to move TinkerPop forward and how exactly we go about getting the forms filled out properly is somewhat of a blocker. Thanks, James Carman, Assistant Secretary Apache Software Foundation - To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org javascript:; For additional commands, e-mail: general-h...@incubator.apache.org javascript:; - To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org javascript:; For additional commands, e-mail: general-h...@incubator.apache.org javascript:; - To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org For additional commands, e-mail: general-h...@incubator.apache.org
Re: Software Grants for GitHub Projects...
On Sat, Jan 31, 2015 at 8:44 AM, James Carman ja...@carmanconsulting.com wrote: Is there a standard within the incubator about how we go about getting the appropriate forms filled out when we want to incubate a project from GitHub? GitHub fosters a sort of fly-by contribution model (and that's a good thing), but it makes donating the code a bit troublesome, because we need to make sure that all (to a certain degree?) of the contributors do, in fact want to donate the code they contributed to the foundation. Simple answer: no. It is up to you to get ICLA/CCLA/SGA as appropriate for all contributors based on the usual considerations of contribution size, copyright ownership, and provenance clarity. if you have some stray commits that you can't cover, you can either reimplement, or make an argument that are below the threshold of concern. The github metadata helps a bit, but since you have no guarantee that the committer is the author, there's no possible way to see this as automated. The fact that code is published under the AL does _not_ make it automatically code that you can pull in no matter what else. We require a positive intent to contribute the code to the foundation. Note that this problem isn't necessarily unique to GitHub, but Git itself somewhat highlights the issue because contributions from outside parties (pull requests) do maintain metadata about their original authors. With SVN, typically someone with karma has to do the commit and it gets tagged with their identity, so the audit trail goes cold (comments can contain attributions, but that's hard to report on). Anyway, just looking for some guidance here. We are trying to move TinkerPop forward and how exactly we go about getting the forms filled out properly is somewhat of a blocker. Thanks, James Carman, Assistant Secretary Apache Software Foundation - To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org For additional commands, e-mail: general-h...@incubator.apache.org - To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org For additional commands, e-mail: general-h...@incubator.apache.org
Re: Software Grants for GitHub Projects...
On Sat, Jan 31, 2015 at 11:32 AM, Matt Franklin m.ben.frank...@gmail.com wrote: On Sat Jan 31 2015 at 11:22:15 AM Benson Margulies bimargul...@gmail.com wrote: On Sat, Jan 31, 2015 at 10:55 AM, James Carman ja...@carmanconsulting.com wrote: Are there guidelines for these usual considerations? (Queue Marvin on the subject of documentation.) http://www.apache.org/licenses/ My understanding: when a significant body of code arrives all at once, the Foundation desires an SGA. That, however, assumes that one legal entity is granting the license to the whole thing. So, if you have a github repo whose contents are assembled of a uniform distribution of small contributions, there would be no point to an SGA. If, on the other hand, the histogram of contribution size versus copyright holder indicated that some copyright owners contributed 'significant' bodies of code, then SGAs from those entities might be called for. There is no established law that allows the Foundation to set hard criteria in terms of lines of code, so this has to be a judgement call, and people sometimes call upon the VP, Legal for assistance in making those judgement calls. For all the small stuff, the safe path is to get an ICLA from each committer, and an email message positively stating an intent to donate the code. Yes, this is the safest approach; but, may not be necessary for changes that do not represent significant IP. For instance, our projects accept minor contributions through JIRA, without an ICLA. There's a critical distinction here. Once you have released a product under the Apache license, people can contribute new things to it under the terms of the license. The license has very specific language: if you take code from us, and then send us a contribution (email, JIRA, github PR, carrier pigeon) that is a derivative of what you took, you are granting the code to the Foundation. That doesn't help with the initial import of a project from github or bitbucket or Jupiter or Mars; none of those contributions met the criteria in the license of sending a contribution back to the Foundation, because the code wasn't here in the first place. Note that copyright still stays with them; they are granting a license, but we also require that code that 'moves into' Apache some with some expression of positive intent on the part of the author/copyright owner. On Saturday, January 31, 2015, Benson Margulies bimargul...@gmail.com wrote: On Sat, Jan 31, 2015 at 8:44 AM, James Carman ja...@carmanconsulting.com javascript:; wrote: Is there a standard within the incubator about how we go about getting the appropriate forms filled out when we want to incubate a project from GitHub? GitHub fosters a sort of fly-by contribution model (and that's a good thing), but it makes donating the code a bit troublesome, because we need to make sure that all (to a certain degree?) of the contributors do, in fact want to donate the code they contributed to the foundation. Simple answer: no. It is up to you to get ICLA/CCLA/SGA as appropriate for all contributors based on the usual considerations of contribution size, copyright ownership, and provenance clarity. if you have some stray commits that you can't cover, you can either reimplement, or make an argument that are below the threshold of concern. The github metadata helps a bit, but since you have no guarantee that the committer is the author, there's no possible way to see this as automated. The fact that code is published under the AL does _not_ make it automatically code that you can pull in no matter what else. We require a positive intent to contribute the code to the foundation. Note that this problem isn't necessarily unique to GitHub, but Git itself somewhat highlights the issue because contributions from outside parties (pull requests) do maintain metadata about their original authors. With SVN, typically someone with karma has to do the commit and it gets tagged with their identity, so the audit trail goes cold (comments can contain attributions, but that's hard to report on). Anyway, just looking for some guidance here. We are trying to move TinkerPop forward and how exactly we go about getting the forms filled out properly is somewhat of a blocker. Thanks, James Carman, Assistant Secretary Apache Software Foundation - To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org javascript:; For additional commands, e-mail: general-h...@incubator.apache.org javascript:; - To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org javascript:; For additional commands, e-mail: general-h...@incubator.apache.org javascript:;
Re: Software Grants for GitHub Projects...
On 1/31/15, 9:09 AM, Benson Margulies bimargul...@gmail.com wrote: On Sat, Jan 31, 2015 at 11:32 AM, Matt Franklin m.ben.frank...@gmail.com wrote: On Sat Jan 31 2015 at 11:22:15 AM Benson Margulies bimargul...@gmail.com wrote: On Sat, Jan 31, 2015 at 10:55 AM, James Carman ja...@carmanconsulting.com wrote: Are there guidelines for these usual considerations? For all the small stuff, the safe path is to get an ICLA from each committer, and an email message positively stating an intent to donate the code. Yes, this is the safest approach; but, may not be necessary for changes that do not represent significant IP. For instance, our projects accept minor contributions through JIRA, without an ICLA. There's a critical distinction here. Once you have released a product under the Apache license, people can contribute new things to it under the terms of the license. The license has very specific language: if you take code from us, and then send us a contribution (email, JIRA, github PR, carrier pigeon) that is a derivative of what you took, you are granting the code to the Foundation. That doesn't help with the initial import of a project from github or bitbucket or Jupiter or Mars; none of those contributions met the criteria in the license of sending a contribution back to the Foundation, because the code wasn't here in the first place. Just curious, what if the code was under AL but not at Apache? -Alex - To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org For additional commands, e-mail: general-h...@incubator.apache.org
