Difference between revisions of "Committer Responsibilities Guidelines"
(New) |
|||
(5 intermediate revisions by 5 users not shown) | |||
Line 9: | Line 9: | ||
= Purpose = | = Purpose = | ||
− | In order to ensure the legal integrity of project source code, it is important for project | + | In order to ensure the legal integrity of project source code, it is important for project committers to understand legal requirements, and to ensure that code is not improperly added in source control. Before graduating incubation projects should ensure that clear guidelines and procedures are put in place for all committers. |
− | Some projects may ask for | + | Some projects may ask for committers to sign code contribution agreements that makes requirements clear. Other projects may just post committer responsibilities and require that they be reviewed and agreed to before new committers are authorized on the project. |
− | In addition to legal requirements for | + | In addition to legal requirements for committed code, it is also prudent to layout out expectations and procedures for committers. Some examples of committer guidelines can be found at: |
− | * | + | * https://gdal.org/development/rfc/rfc3_commiters.html |
− | * | + | * https://mapserver.org/development/rfc/ms-rfc-7.2.html |
− | |||
− | The following template is offered as appropriate text for a project to clarify legal expectations of code | + | The following template is offered as appropriate text for a project to clarify legal expectations of code committers. |
= Template = | = Template = | ||
Line 27: | Line 26: | ||
Generally speaking the key issues are that those providing code to be included in the repository understand that the code will be released under the '''project-license''' license, and that the person providing the code has the right to contribute the code. For the commiter themselves understanding about the license is hopefully clear. For other contributors, the commiter should verify the understanding unless the commiter is very comfortable that the contributor understands the license (for instance frequent contributors). | Generally speaking the key issues are that those providing code to be included in the repository understand that the code will be released under the '''project-license''' license, and that the person providing the code has the right to contribute the code. For the commiter themselves understanding about the license is hopefully clear. For other contributors, the commiter should verify the understanding unless the commiter is very comfortable that the contributor understands the license (for instance frequent contributors). | ||
− | If the contribution was developed on behalf of an employer (on work time, as part of a work project, etc) then it is important that an appropriate representative of the employer understand that the code will be contributed under the | + | If the contribution was developed on behalf of an employer (on work time, as part of a work project, etc) then it is important that an appropriate representative of the employer understand that the code will be contributed under the '''project-license''' license. The arrangement should be cleared with an authorized supervisor/manager, etc. |
The code should be developed by the contributor, or the code should be from a source which can be rightfully contributed such as from the public domain, or from an open source project under a compatible license. | The code should be developed by the contributor, or the code should be from a source which can be rightfully contributed such as from the public domain, or from an open source project under a compatible license. | ||
Line 40: | Line 39: | ||
* When substantial contributions are added to a file (such as substantial patches) the author/contributor should be added to the list of copyright holders for the file. | * When substantial contributions are added to a file (such as substantial patches) the author/contributor should be added to the list of copyright holders for the file. | ||
* If there is uncertainty about whether a change it proper to contribute to the code base, please seek more information from the project steering committee, or the foundation legal counsel. | * If there is uncertainty about whether a change it proper to contribute to the code base, please seek more information from the project steering committee, or the foundation legal counsel. | ||
+ | |||
+ | [[Category: Incubation]] |
Latest revision as of 10:07, 29 October 2023
Document Status
IncCom Document Number: X
Version: 1.0
Status: draft
Purpose
In order to ensure the legal integrity of project source code, it is important for project committers to understand legal requirements, and to ensure that code is not improperly added in source control. Before graduating incubation projects should ensure that clear guidelines and procedures are put in place for all committers.
Some projects may ask for committers to sign code contribution agreements that makes requirements clear. Other projects may just post committer responsibilities and require that they be reviewed and agreed to before new committers are authorized on the project.
In addition to legal requirements for committed code, it is also prudent to layout out expectations and procedures for committers. Some examples of committer guidelines can be found at:
- https://gdal.org/development/rfc/rfc3_commiters.html
- https://mapserver.org/development/rfc/ms-rfc-7.2.html
The following template is offered as appropriate text for a project to clarify legal expectations of code committers.
Template
Commiters are the front line gatekeepers to keep the code base clear of improperly contributed code. It is important to the project-name users, developers and the OSGeo foundation to avoid contributing any code to the project without it being clearly licensed under the project license.
Generally speaking the key issues are that those providing code to be included in the repository understand that the code will be released under the project-license license, and that the person providing the code has the right to contribute the code. For the commiter themselves understanding about the license is hopefully clear. For other contributors, the commiter should verify the understanding unless the commiter is very comfortable that the contributor understands the license (for instance frequent contributors).
If the contribution was developed on behalf of an employer (on work time, as part of a work project, etc) then it is important that an appropriate representative of the employer understand that the code will be contributed under the project-license license. The arrangement should be cleared with an authorized supervisor/manager, etc.
The code should be developed by the contributor, or the code should be from a source which can be rightfully contributed such as from the public domain, or from an open source project under a compatible license.
All unusual situations need to be discussed and/or documented.
Commiters should adhere to the following guidelines, and may be personally legally liable for improperly contributing code to the source repository:
- Make sure the contributor (and possibly employer) is aware of the contribution terms.
- Code coming from a source other than the contributor (such as adapted from another project) should be clearly marked as to the original source, copyright holders, license terms and so forth. This information can be in the file headers, but should also be added to the project licensing file if not exactly matching normal project licensing (LICENSE.txt).
- Existing copyright headers and license text should never be stripped from a file. If a copyright holder wishes to give up copyright they must do so in writing to the foundation before copyright messages are removed. If license terms are changed it has to be by agreement (written in email is ok) of the copyright holders.
- When substantial contributions are added to a file (such as substantial patches) the author/contributor should be added to the list of copyright holders for the file.
- If there is uncertainty about whether a change it proper to contribute to the code base, please seek more information from the project steering committee, or the foundation legal counsel.