Recent searches
Search options
nothing ruins my motivation to send fixes to your open source project more than to ask me to sign a CLA for it.
sorry guys I'm just not that interested in reviewing a legal contract just to improve your software for free
@hailey Well, it actually isn't "for free" if the fix would include code to be copyrightable. That would then place a future burden on the open source project.
Also: Investigating whether the fix is copyrightable or not takes time (= cost)
Thus, the only possible solution an open source project has is to ask contributors to sign a CLA.
@troed @jacqueline @hailey If the change is trivial, there is no copyright risk anyway.
If the change is significant, I hope you trust the author, because risks of them introducing harm thru code are much greater than risks of copyright shenanigans. You have evidence of their intent to put the code in project X under license Y. If you think that's not enough, have them state it explicitly. This does not need a lopsided contract, especially not one that gives you power to relicense proprietary.
@troed @jacqueline @hailey Even if they do sign a CLA, that does nothing to mitigate risk that the code is plagiarized and they lack any rights to license it to you. So CLA doesn't even CYA. It just keeps the VCs happy knowing they can rugpull the FOSS community.
@troed @jacqueline @hailey The intended power dynamic when we (FOSS community) interact with FOSS under a commercial umbrella is that we are the ones with the power to rugpull. When the shareholders try to do shit we don't approve of, we fork and leave them holding a silly brand name.
@troed @jacqueline @hailey *The* reason CLAs exist is that they know this, and don't want to be the idiots stuck holding nothing but a name. Instead of upholding their side of the social contract to prevent that, they want to be holding special rights assigned to them by all the authors which a party operating a fork wouldn't also have.
Fuck that.
I have experience from this from both sides of the debate. Both as an open source developer and activist within a Very Large Company as well as an open source contributor in my spare time.
There's no need to think of all Very Large Companies as evil. However, if someone contributes code to the code base they're maintaining it is a major legal headache if that person can use their copyright in some unspecified future to block - for example - a license change.
"have them state it explicitly"
Exactly! That's a CLA :)
@troed @jacqueline @hailey Except it's not. I have never seen a CLA whose text is exactly the standard license text the project id publicly licensed under. Rather it grants elevated privileges to one specific party. Moreover its name contains the odious word "agreement". FOSS does not have "license agreements". It has licenses.
@troed @jacqueline @hailey For lots of reasons I don't think it's a good FOSS citizen. It is an important part of secure communications infrastructure.
CC: @troed@sangberg.se @jacqueline@chaos.social @hailey@hails.org
@khm @troed @jacqueline @hailey It may cover some of the liability but it doesn't fix having your git history polluted and undistributable, or absolve you of having to rewrite code.