On 04/03/2013 22:08, Brett Cannon wrote:
On Mon, Mar 4, 2013 at 4:33 PM, Mark Lawrence <breamoreboy@yahoo.co.uk <mailto:breamoreboy@yahoo.co.uk>> wrote:
On 04/03/2013 20:46, Terry Reedy wrote:
On 3/4/2013 11:36 AM, Brett Cannon wrote:
On Mon, Mar 4, 2013 at 11:30 AM, Brian Curtin <brian@python.org <mailto:brian@python.org> <mailto:brian@python.org <mailto:brian@python.org>>> wrote:
The full announcement is at
http://blog.python.org/2013/__03/introducing-electronic-__contributor.html <http://blog.python.org/2013/03/introducing-electronic-contributor.html>, but a summary follows.
We've now moved to an electronic Contributor License Agreement form at http://www.python.org/psf/__contrib/contrib-form/ <http://www.python.org/psf/contrib/contrib-form/> which will hopefully ease the signing and sending of forms for our potential contributors. The form shows the required fields whether you're signing as an individual or a representative of an organization, and removes the need to print, scan, fax, etc.
When a new contributor fills in the form, they are emailed a copy of the form and asked to confirm the email address that they used (and received that copy at). Upon confirming, the signed form is sent to the PSF Administrator and filed away.
The signature can either be generated from your typed name, or you can draw or upload your actual written signature if you choose.
With this in place I would like to propose that all patches submitted to bugs.python.org <http://bugs.python.org> <http://bugs.python.org> must come from someone who has signed the CLA before we consider committing it (if you want to be truly paranoid we could say that we won't even look at the code w/o a CLA).
Either policy could be facilitated by tracker changes. In order to see the file upload box, one must login and the tracker knows who has a CLA on file (as indicated by a * suffix on the name). If a file is uploaded by someone without, a box could popup with the link to the e-form and a message that a CLA is required.
People already use the bug tracker as an excuse not to contribute, wouldn't this requirement make the situation worse?
Depends on your paranoia. If you're worried about accidentally lifting IP merely by reading someone's source code, then you wouldn't want to touch code without the CLA signed.
Now I'm not that paranoid, but I'm still not about to commit someone's code now without the CLA signed to make sure we are legally covered for the patch. If someone chooses not to contribute because of the CLA that's fine, but since we have already told at least Anatoly that we won't accept patches from him until he signs the CLA I'm not going to start acting differently towards others. I view legally covering our ass by having someone fill in a form is worth the potential loss of some contribution in the grand scheme of things.
Who's talking source code, you're previously mentioned *ALL* patches needing a CLA. Does this mean you have to sign a CLA for a one line documentation patch? What is the definition of a patch, an actual patch file or a proposal for a change that is given within a bug tracker message? -- Cheers. Mark Lawrence