HI Wes, thanks for the reply. How do the committers and PMC check the IP currently? Is there any standard tool for it that you use?
> -----Original Message----- > From: Wes McKinney [mailto:[email protected]] > Sent: Monday, April 29, 2019 4:39 PM > To: [email protected] > Subject: Re: [Contribution][Proposal] Use Contributors file and Signed-Off-By > Process for Arrow > > hi Areg, > > I think this is a question for ASF Legal and not Apache Arrow directly. Some > contributors submit a ICLA or CCLA to the project, but broadly it is the > responsibility of the Committers and PMC members to steward IP in the > project, and one of the parts of the release process is to verify that the > software has complied with the ASF's licensing policies [1] > > Thanks > Wes > > [1]: https://apache.org/legal/resolved.html > > On Mon, Apr 29, 2019 at 4:27 PM Melik-Adamyan, Areg <areg.melik- > [email protected]> wrote: > > > > To avoid contamination of the Arrow code with wrong licensed code, which > can be accidentally included into arrow, including GPL code, and track the > contributions maintainers needs to check actually whether committer has > signed the ICLA or CCLA, and listed in the contributors file - which we do not > have. This is needed to set the clean chain of contribution to safeguard 3rd > parties. So either let's add CONTRIBUTORS file, or also we can add "sign-off > by > process" [1] as it is used in Kernel. The latter will allow single patch > contribution without CLA submission. I do not know what are the requirements > of the Apache Foundation, but web page does not state sole requirement only > on CLA. > > > > [1] https://ltsi.linuxfoundation.org/software/signed-off-process/ > >
