Community-led development "The Apache Way"
This was extracted (@ 2021-06-16 22:10) from a list of minutes
which have been approved by the Board.
Please Note The Board typically approves the minutes of the previous meeting at the beginning of every Board meeting; therefore, the list below does not normally contain details from the minutes of the most recent Board meeting.
Meeting times vary, the exact schedule is available to ASF Members and Officers, search for "calendar" in the Foundation's private index page (svn:foundation/private-index.html).
It appears that there may be incomplete understanding of what the current CCLA requires of the ASF. It imposes burdens on the Foundation that did not apply before. Jennifer Machovec, legal council for IBM, was invited to participate in a discussion over the current versions of the Corporate CLA and recommended changes to it, mostly as related to the Derby code donation, as well as to basic enhancement and protection. The revised Corporate CLA was to list all employees authorized to contribute code as well as the individual projects to which they can contribute to. Jennifer noted that the suggested changes provided an "irrevocable donation of code" in any and all circumstances, even if the employee had made a mistake. It was remarked that this would place the ASF under additional administrative burdens, monitoring and matching CVS commits against the list. It also tends to move the ASF further and further away from the core concept of a "relationship" which the ASF has been built on, that of the ASF with regards to the individual. It was remarked that the ASF's "web of trust" extends between the ASF and the individual contributor, and, at least in the opinion of some directors, that is as far as it needs to be. It was further discussed that the proposed changes would, in the minds of several directors, make the development environment with the ASF less healthy and organic, but placing restrictions on which projects people could work on. The CLAs were supposed to open the doors for people to contribute, rather than close or restrict them. Jennifer stated that, in her opinion, this was leaving the ASF in a risky position and could leave it open to "problems" in the future. The board's position was that taking authority and ownership over controls that should really be placed by the individual him/herself or between an employee and employer was likely more dangerous and risky. In essence, the ASF works with people who have exhibited a high level of trust, and that we can therefore trust them to do the right thing. And if they don't, it isn't something that the ASF has monitored or controlled, so the impact to us directly is much smaller; taking on those responsibilities opens us up to more risk. It was correctly noted that the present Corporate CLA and v2 of the Apache License are incompatible. Jennifer stated that she would take our comments under review and try to work up another revision.