commons-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stian Soiland-Reyes <>
Subject Re: [ALL] Ask for CLA before merging pending GitHub pull requests
Date Sun, 22 Mar 2015 03:41:47 GMT
Right, just keep in mind:

For contributions, you as the committer would be responsible for the
content being IP clean, not the pull request submitter.

How do you do this from a larger contribution (e.g. 3 new classes) from a
github user known only as "msTentactle"?

If she has signed the CLA, then she is responsible instead, as it includes:

> 4. You represent that you are legally entitled to grant the above license.

Note that this also applies to the committer that does the merge from
non-CLA contribs.

For patches that probably is not even copyrightable or unlikely to be say
copy-pasted from Oracle code, then no need for a CLA.
On 19 Mar 2015 20:39, "Mark Thomas" <> wrote:

> On 19/03/2015 17:32, Bruno P. Kinoshita wrote:
> > Hello,
> >
> > There is a pending pull request at GitHub to the incubator [text]
> > component that I would like to merge. Before doing so, could someone
> > confirm whether I have to check if the user has already signed a CLA
> > [1], and if not, ask him/her to sign it, please?
> Warning: Personal pet peeve ahead. Apologies in advance for the shouting :)
> No, no, no, no, NO!
> CLAs are NEVER *required* for the ASF to use patch. Section 5 of the
> Apache License V2 gives us all the legal permissions we *need* to use a
> patch, assuming the conditions of that section are met. There is the
> question of what is an intentional submission but it is safe to assume -
> unless the author states otherwise - that something submitted via Jira
> or a pull request is an intentional submission.
> There is a view among many projects that for 'large' contributions is is
> prudent to have a CLA on file. I do not share that view. The only folks
> we *require* CLAs from are committers.
> > IIRC, when users
> > submit patches via JIRA it displays an option to donate the code
> > submitted via patch to ASF.
> We removed that option years ago because it served no purpose (and it
> was a PITA to maintain the custom plug-in that implemented it). Again,
> section 5 of the ALv2 gives us all the cover we need.
> Bugzilla (which pre-dates Jira) has never had such an option.
> > If signing CLA's is a requirement for
> > GitHub pull requests, maybe we could ping @infra and check with them
> > if we could use clabot [2] for that?
> No need. Just review the pull request and - if it is acceptable - merge it.
> Mark
> ---------------------------------------------------------------------
> To unsubscribe, e-mail:
> For additional commands, e-mail:

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message