OFBiz-Sandbox approved on SourceForge.net

> Hey David (others),
>
> I want to avoid being in a potentially
> similar situation that Ofbiz was  in prior
> to Apache incubation.
>
> Who owns the code that people contribute via svn?
> (rhetorical question follows) Prior to Apache
> Incubation was Open for Business a legal entity that
> could accept ownership?  If it wasn't, I find myself
> in a similar situation in that ofbiz-sandbox isn't a
> legal entity.  As far as my contributions that are
> OFBiz related, I don't care how others use it as long
> as it doesn't prevent me from using it.  How can I
> ensure that others who post to the sandbox svn are
> making their commits in a similar manner?

> Since solutions provided in the sandbox have a
> potential to being applicable to the Apache Ofbiz
> project, what can be done ahead of time to ensure that
> someone has the ability to create a patch based on
> sandbox code, upload it to Apache OFBiz's JIRA and
> legally be able to click the "Grant license to ASF for
> inclusion in ASF works" radio button?  Because the
> intention of the sandbox is to facilitate
> collaboration, it's likely the person creating the
> patch doesn't own the code he's submitting in it's
> entirety.
>
> I want the sandbox to supplement Apache Ofbiz's
> efforts and make it easier to develop solutions.  I
> don't want contributions to have legal ramifications
> because of who owned the contribution when it was all
> in the spirit of open source.
>
> This issue isn't unique to the sandbox either.  Unless
> Tim and the others that contributed for the shopping
> cart improvement are all employees of Hotwax and Tim
> was contributing patches as a function of Hotwax's
> operations, they face a similar legal question.  Anil
> and Ashish would have potential for legal recourse
> later even if they don't voice objections today and
> even if they have iCLAs on file with the ASF as they
> weren't the donors of their work.  I'm not saying it's
> a valid argument, but does at least pass the standard
> for a nuisance one.  And if your 25 years or older in
> the United States, chances are you already understand
> the costs of a nuisance lawsuit.

> Thanks for your feedback or if you can point me to
> someone in the ASF who can give me a more definitive
> answer.
>
> Regards,
> Chris
>
>
> --- David E Jones <[hidden email]>
> wrote:
>
>>
>> On Jan 4, 2007, at 4:43 PM, Chris Howe wrote:
>>
>>> For those of you interested, a project for a
>> sandbox
>>> has been approved on sourceforge.net
>>> (http://sourceforge.net/projects/ofbiz-sandbox/).
>> The
>>> goal is to provide an area that you can
>> collaborate on
>>> ideas for implementations based on Apache Open for
>>> Business.  These collaborations can be from simple
>>> feature improvements, to showcasing a particular
>>> change, to complete components, to a half-baked
>> idea
>>> that you want to get the gist out to and let
>> someone
>>> with some more skills or time help work on.
>>>
>>> Please understand that this is currently (and
>>> depending on Apache OFBiz's interest in this side
>>> project, perhaps permanently), completely outside
>> of
>>> the Apache Ofbiz project and has no relation to
>> the
>>> ASF other than simply being geeked about the
>> current
>>> and future Apache Open for Business project.  Code
>>> that gets added to the ofbiz-sandbox may never
>> make it
>>> into the Apache OFBiz project.  I have no control
>> over
>>> such matters.
>>
>> Thanks for clarifying this distinction. My
>> experience with the ASF is
>> still somewhat limited, but form what I know so far
>> this sort of
>> thing is for the most part discouraged at the ASF.
>> There is an
>> informal "project" that is like a sandbox for ASF
>> committers only
>> that is meant to be a pre-incubator type of thing to
>> explore
>> different things and facilitate collaboration in
>> those.
>>
>> Just because it's unofficial, there's certainly no
>> problem with this
>> from the OFBiz perspective, and we could probably
>> even find a place
>> for a link to on the OFBiz site or at least on
>> Confluence. It is the
>> intent of OFBiz that anyone can build whatever they
>> want on top of
>> it, and if you're interested in facilitating this,
>> go for it!
>>
>>> There is no level of quality necessary to
>> contribute.
>>> Just do your best not to wreck someone else's
>>> progress.
>>>
>>> I think the goal of anyone who would be
>> contributing
>>> any time or code to the ofbiz-sandbox is doing so
>> in
>>> the spirit of open source so that others can
>> benefit
>>> from a solution they've discovered.  Therefore to
>>> prevent any potential roadblocks in Apache Ofbiz
>>> adopting solutions formed in the sandbox, all
>>> contributed code will be under the Apache 2.0
>> license
>>> and I suppose donated to the ASF.  If anyone knows
>>> what I need to do to ensure a roadblock isn't
>> created,
>>> please let me know (collect iCLA's from potential
>>> committers, ensure Apache already has an iCLA for
>> the
>>> potential committer ??)  As soon as I get that
>>> question answered, I'll start adding people who
>> want
>>> to be added to the svn commit access on the sf.net
>>> site.
>>
>> Before the code touches the OFBiz code base it
>> doesn't matter, you
>> can do manage things however you want. I wouldn't
>> worry about CLAs
>> until code starts moving to OFBiz, and even then if
>> it doesn't have
>> to go through incubation CLAs won't be needed
>> anyway.
>>
>> Still, if there are large blocks of code developed
>> by a bunch of
>> different people the licensing issues get trickier
>> and such things
>> _may_ have to go through incubation to get into the
>> OFBiz code
>> base... When you have a bunch of fingers in a pot
>> things do get
>> trickier...
>>
>>> Personally, I would prefer to use these mailing
>> lists
>>> for discussion of things in the sandbox (to
>> encourage
>>> talk from more people), but if that is or becomes
>> a
>>> hassle for the Apache OFBiz project, just say the
>> word
>>> and I'll maintain a list or two off of the sf.net
>>> site.
>>
>> I don't think this is the best of ideas... If it
>> relates to the
>> development of OFBiz itself, please use the ofbiz
>> dev mailing list.
>> If it relates to the use of OFBiz itself, please use
>> the ofbiz user
>> mailing list. If it relates to the development of
>> something that is
>> _not_ OFBiz and it isn't a question or discussion
>> about how to use
>> OFBiz, using separate mailing lists would be much
>> better. Not doing
>> so could (will...) be very confusing, especially to
>> people who are
>> not up to date on all of the happenings around here.
>> Even now I'm not
>> comfortable sometimes with the level of opentaps
>> discussion on the
>> ofbiz mailing lists, but I suppose that is a natural
>> consequence of
>> the way things are structured in that project (not
>> that anything that
>> is bad or whatever), and hopefully we'll be able to
>> distinguish
>> things more clearly from the OFBiz side in the
>> future (and hopefully
>> Si will continue the same thing on the opentaps/OSS
>> side).
>>
>> -David
>>
>>
>>
>>
>

>
> --- David E Jones <[hidden email]>
> wrote:
>
>>
>> The owner of the copyright continues to own the
>> copyright. The Apache
>> 2.0 license explains fairly explicitly that only a
>> license is granted
>> from the copyright owner to the ASF, and then from
>> the ASF to any
>> users of the software.
>>
>> How you do this in a sandbox like you're shooting
>> for... I really
>> don't know! I think that's one reason the ASF
>> sandbox is limited to
>> committers only with CLAs on file. However, having a
>> CLA on file with
>> a separate organization doesn't really much for the
>> ASF.
>>
>
> A CLA for a separate legal entity (entity A) would
> give someone from entity A the the legal right to
> resubmit the collaborated work to the ASF (and
> therefore the authority to press the radio button:
> Grant license to ASF for inclusion in ASF works.) Yes?
>
> Again, thanks for your feedback!