-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 08/18/2012 03:46 PM, Lennart Regebro wrote:
On Sat, Aug 18, 2012 at 9:36 PM, Jens Vagelpohl <jens@dataflake.org> wrote:
The contributor agreement requires you as the contributor to be able to enter into the contract with the Zope Foundation transferring one half ownership to the Zope Foundation. You can only enter into this contract if you own (as in "wrote") the code yourself - you cannot assign ownership to someone else for something you don't fully own.
The goal of these contractual requirements is to make sure software stored in the Zope Foundation is as "clean" as possible from an ownership standpoint. People who use code from svn.zope.org have a reasonable assurance that no third party will show up on your doorstep demanding money or license fees for code that third party claims to own.
I've just recently seen what can happen for projects not following this kind of strict policy: The python-ldap package developers are unable to e.g. assign a new license to their code because since they don't hold any ownership and would need to ask every single developer who ever touched that code - an impossible task. For us that kind of issue does not arise.
Yes, but my question is why this changes with github.
Because the ability to check into svn.zope.org is based on a "chain of custody" managed by the ZF (web account, verified e-mail address, and SSH key). J. Random Hacker's account on Github has no such chain. Tres. - -- =================================================================== Tres Seaver +1 540-429-0999 tseaver@palladion.com Palladion Software "Excellence by Design" http://palladion.com -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAlAwAwgACgkQ+gerLs4ltQ7/wwCgpdrjdb1ER6P7FS3lqO91FlwO ucQAnRpbKzABEIXDrDg5vsgJcCxz7DNX =0tGk -----END PGP SIGNATURE-----