On 16 February 2012 18:57, Brian LeRoux <[email protected]> wrote: > There is no nefarious plan to patch bomb Apache Cordova and any > indication that might be the case is plain wrong. I think this might > be a slight cultural disconnect. Apache is new to us and we them. > Traditionally, in our long 3 year heritage =P, we've been *very* good > with ensuring CLAs signed. (At least, since the IBMers came involved.) > > Where we and Apache differ is in commit access. In the past, if you > had a decent contribution and a CLA then we made that person a full > committer. (No vote.) > > This is likely the root src of the concern identified by Ross.
No, this is not the root concern. I was at an event (Jquery UK) last week at which Cordova was featured quite heavily. I heard some rather confusing and worrying stories. At the same time I was asked to check the CCLA situation for SalesForce.com. These two items were *not* connected, but in my rush to address both situations I mixed the two into a single summary mail and caused confusion. My apologies. Back to the "worrying stories". These were coming from people who are *not* committers and they sounded like "chinese whispers" to me. Rather than suggest these stories are true I just wanted to flag the importance of due diligence in the contribution process here at the ASF. Note, the three people involved in the discussion were *very* upbeat about the move of Cordova to the ASF, this conversation is not anything to worry about from a public perception point of view. > Its a practice we borrowed from the Rubinious project and one Apache > would benefit from. I, and most (all?) others in the ASF, are a great believers in the low barriers policy you describe. The vote is additional, to your previous policy. It's interesting that in over ten years though I've never seen a vote fail (I'm sure it has happened, but not on any I've observed). Note a vote PMC membership exists for legal reasons, but a vote for committership (I believe) exists for social reasons. It might be possible to explore ways of simplifying that in this project, although I've never seen a problem with it since it is just a mechanism to ensure that people *can* object if a situation were to arise where objection is necessary. However, I think that is separate from my concern about IP due diligence. I'm happy to discuss alternatives to committer votes in a separate thread if you want to explore it (honestly I have no idea if an alternative is possible, but I'd be glad to help you explore options in the ASF). To be clear about my concern over IP due diligence is that no committer should be contributing code that is not either a) authored by themselves or b) contributed through a defined and public contribution process (e.g. git pull request, patch in issue tracker or whatever you want to adopt). As I said in my original post, if this is *not* happening then the project is on very solid ground. If it *is* happening then we need to examine why it is happening and, if possible, remove whatever barriers exist for the acceptable options of a) and b)., Ross
