Niall Pemberton wrote: > On 12/17/06, Roland Weber <[EMAIL PROTECTED]> wrote: >> Hello Niall, >> >> > Why is it any different than Harmony? >> >> Harmony requires that an "Authorized Contributor Questionnaire" >> be signed. The ACQ surely has been reviewd by the ASF legal team, >> and signatures are legally significant. >> http://harmony.apache.org/auth_cont_quest.html >> >> The POI "Get Involved" page only mentions this: >> > Those submitting patches that show insight into the file format >> > may be asked to state explicitly that they are eligible or >> > possibly sign an agreement. >> http://jakarta.apache.org/poi/getinvolved/index.html >> >> "may be"? "possibly"? Did the ASF legal team prepare such a >> document for signing or not? If they did, shouldn't it be >> linked on the web page? And why isn't every contributor required >> to state or sign something? Who decides who will have to state >> or sign? And who will process and keep track of the statements >> or signed documents if not the ASF legal team, who obviously >> are not aware of any such thing? >> >> If there is an established procedure addressing these questions, >> it should be documented on the web page. If there is not, the >> statement quoted above is just idle. > > I agree there should be an established policy endorsed by the PMC. My > fear is that Andy Oliver either won't have the patience to do what it > takes or fail to get anywhere because he pi**es off too many people in > the process. Hopefully he'll prove me wrong or someone else from POI > will sort it out.
I simply don't care to be honest. Nick is doing lot's of work for POI, without any guidance from the people you anticipate of giving guidance, which is what I care about. So my first goal is helping out Nick so he can continue the good work he is doing over there. > >> > If someone has received >> > knowledge of MS propriety formats under a NDA then wouldn't using that >> > knowledge to contribute to POI put the POI project at risk? >> >> Yes it would. That's why the page mentions that people with >> access to NDA'd information are not allowed to contribute. >> As far as I can tell, there is no discussion about this policy. >> There is a discussion about access restrictions in SVN. Let me >> throw the following statements/opinions into this discussion: >> >> 1. Jakarta committers have proven that they are responsible >> developers, otherwise they wouldn't have been voted committers. >> >> 2. No responsible developer would just commit some code to a >> Jakarta subproject with which he/she is not familiar, or >> ignore the rules and policies in place for that subproject. > > Generally this is true, although I have seen a couple of occasions > where committers have made code changes on Commons components they had > no prior involvement with without pinging the mailing list first. And we educated those people. > >> 3. If current committers show interest in contributing to the >> POI subproject, they will make an appearance on the mailing >> lists and submit patches to the bug tracking system for review. >> There is plenty of opportunity to educate them about the policy >> and to question them about possible NDA contamination. >> >> 4. If anyone would commit unwanted/dangerous code to POI >> (directly without patch review!) that contribution would >> immediately be detected from the commit message that is >> automatically generated, and would be vetoed and undone >> by the regular committers to the subproject. >> >> This discussion is about removing technical barriers in SVN, >> not about throwing random (barbed ;-) code into POI. It's >> about running a community based on mutual trust and review >> as opposed to walls and fences. At least that's how I see it. > > Personally I'm +/-0 on removing svn barriers anyway. I don't believe > any exisiting committer that starts to contribute to a project in the > normal way isn't going to get given commit access pretty quickly. > Anyway generally I don't disagree with the sentiments/opinions you've > expressed - but I do think POI has grounds for a slightly different > policy than most of our code bases since what they deal with is the IP > of a large company that if infringed could cause us problems in the > same way as with Harmony and Sun's source code. IMO then the > contrubuting policy for POI needs to be resolved/formally established > first and svn access should be decided afterwards once we have a > policy endorsed by the PMC. The first problem we have to deal with is that releases aren't done the way the ASF wants them to be done, which is currently the legal issue at hand. Part of the problem is that they (sorry bad word choices coming here) don't trust the rest of Jakarta of doing the right thing and the rest of Jakarta trusts them to do the right thing. They have proven they don't do the right thing atm (to be clear : not blaming Nick here!), which hurts Jakarta as a whole. Maybe repeating myself here :) Mvgr, Martin --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
