Andrew Milton wrote:
+-------[ Philipp von Weitershausen ]---------------------- | Andrew Milton wrote: | > +-------[ Stephan Richter ]---------------------- | > | Hello everyone, | > | | > | With the development of Zope 3, the Zope developers committed to a new | > | development process and higher software quality guidelines. With the adoption | > | of Zope 3 technologies in the wider Zope community, we should also start | > | using the process for third party package development. | > | | > | I have spent the last two weeks working on a proposal that defines a Zope | > | Software Certification Program (ZSCP) and a Common Repository that implements | > | this process. The proposal is attached to this mail. I welcome any comments | > | about it! | > | > So in order to even get your Open Source package LISTED, you have to sign over | > the rights of your code to Zope Corp (currently, Zope Foundation later), and then | > check it into the svn respository. | > | > Is this is correct? | | No. The common repository under the wings of ZC/ZF is just *a* | repository that implements the ZSCP. There can be others, for example | the Plone repository, the collective repository (perhaps), etc.
<block quote> The Common Repository is *not* a replacement for other high-level repositories like Plone's or ECM's. It does not aim at assimilating everything in the wider Zope community. It is merely a place for high-quality packages that are supported by the Zope development team. ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Code in the Common Repository *must* also use the license stated in section 3.5 and developers *must* sign the contributor agreement. The ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ agreement is necessary to ensure that contributions originated from the contributing developer. </end quote>
a) Supported by Zope development team b) Must sign contributor agreement.
I don't see why a 'repository' of 3rd party packages needs any agreement signed, unless some kind of indemnity is required which it wouldn't need if it's "just a repository". Any 'infringement' would simply result in the offending code being removed from the repository (which would have to happen anyway in case someone 'lied' about owning it). After all the repository is not claiming ownership of the code is it (unless you have to sign it over....)
The license for the code should also be irrelevant, since it's just a repository right? Just a convenient one stop shop for packages. So each package should be able to have its own license, no need for a common license.
Having to sign the agreement serves no purpose unless there's some other IP issue involved other than simply storing the code.
Handing over ownership to the ZF and therefore having signed a Contributor Agreement are the terms of the svn.zope.org repository, just like that code is to be made ZPL. These are the rules of the repository, even today (except for s/ZF/ZC). If you're not happy with that, then use your another repository. Nobody is forcing you to put your stuff there. Putting stuff into svn.zope.org *does* have advantages: * it's easy to feed packages upstream to Zope for a later inclusion into a Zope distribution. * putting a project/package under the wings of the ZF ensures long-term IP protection * code in svn.zope.org will be under the common control of the Zope developers which makes long-term maintenance easier to ensure. * the common license (ZPL) and the common ownership of the ZF do away with some legal headaches... Perhaps there are others. Philipp