Hello Niall, > Why is it any different than Harmony?
Harmony requires that an "Authorized Contributor Questionnaire" be signed. The ACQ surely has been reviewd by the ASF legal team, and signatures are legally significant. http://harmony.apache.org/auth_cont_quest.html The POI "Get Involved" page only mentions this: > Those submitting patches that show insight into the file format > may be asked to state explicitly that they are eligible or > possibly sign an agreement. http://jakarta.apache.org/poi/getinvolved/index.html "may be"? "possibly"? Did the ASF legal team prepare such a document for signing or not? If they did, shouldn't it be linked on the web page? And why isn't every contributor required to state or sign something? Who decides who will have to state or sign? And who will process and keep track of the statements or signed documents if not the ASF legal team, who obviously are not aware of any such thing? If there is an established procedure addressing these questions, it should be documented on the web page. If there is not, the statement quoted above is just idle. > If someone has received > knowledge of MS propriety formats under a NDA then wouldn't using that > knowledge to contribute to POI put the POI project at risk? Yes it would. That's why the page mentions that people with access to NDA'd information are not allowed to contribute. As far as I can tell, there is no discussion about this policy. There is a discussion about access restrictions in SVN. Let me throw the following statements/opinions into this discussion: 1. Jakarta committers have proven that they are responsible developers, otherwise they wouldn't have been voted committers. 2. No responsible developer would just commit some code to a Jakarta subproject with which he/she is not familiar, or ignore the rules and policies in place for that subproject. 3. If current committers show interest in contributing to the POI subproject, they will make an appearance on the mailing lists and submit patches to the bug tracking system for review. There is plenty of opportunity to educate them about the policy and to question them about possible NDA contamination. 4. If anyone would commit unwanted/dangerous code to POI (directly without patch review!) that contribution would immediately be detected from the commit message that is automatically generated, and would be vetoed and undone by the regular committers to the subproject. This discussion is about removing technical barriers in SVN, not about throwing random (barbed ;-) code into POI. It's about running a community based on mutual trust and review as opposed to walls and fences. At least that's how I see it. > I also think its a mistake to deal with whatever issues people think > there are in POI via a vote. Back in March the POI devs voted to > exclude POI from this policy of opening SVN access. If we think the > reason underlying POI's exclusion from this policy is not valid then > it would have been far better to start a discussion with them > regarding this first - rather than launching straight into a vote. I'd > have rather seem an attempt at consensus first rather than going > straight for conflict. +1 > Seems to me that svn access isn't the root of the issue here and > therefore a red herring, since changing that isn't IMO going to > resolve whatever the real issues people think there are. +1 cheers, Roland --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]