Gregory's ServerIf you're asked to sign a CLA and/or copyright assignment before contributing to a FOSS project, refuse, and make a hard fork of the project instead.
Take direct action for free software.
 46 comments
 That is too simplistic. Not all CLAs are evil (copyright assignments are mostly evil). Old Red Hat/Fedora CLA was only to guarantee Fedora/RH right to use software even if you withdrew it … a reasonable precaution for a company which planned to use it for enterprise product. @richardfontana and @conservancy had a lot of blog posts etc. on it.  @drewdevault Needs some care though, because what GitHub calls a ‘CLA’ can actually turn out to mean you just have to sign the DCO. I’ve been caught out by this before. @dpk what do you mean by "GitHub" calling it a CLA? How does this present on the UI? Did they add some kind of first-class CLA thing? @drewdevault I dunno to what extent it’s first-class vs just something people are using a required ‘check’ for, but e.g. here’s a thing from a random Caddy PR. Caddy uses the DCO, but it’s called a ‘Contributor License Agreement’ for some reason  @drewdevault @dpk CLA Assistant (https://cla-assistant.io) is used by some projects for DCO too. By the way, I am not opposed to dual-licensing approaches _generally_, where one entity holds the copyright over a piece of free software and distributes it with copyleft generally and privately with a permissive license for a fee -- IF they don't accept contributions from third-parties and expect them to assign copyright to the stewards free of charge. In other words, I respect your right to do whatever you want with your own copyright. I do not respect your right to do whatever you want with someone else's work that you got for free. @drewdevault I think there is also the part where the copyright holder *chose* to share it under a free license that is being neglected here. The drive-by contributor did not create the project from scratch. Regardless of what one prefers, it is only fair to recognize this side equally. @zygoon I reject the notion that the "original author" is a privileged position in free software, it is not in our interests to perceive it this way. Free software projects are communal property. @drewdevault, pit yourself in the shoes of a hypothetical developer who works on something and CHOOSES to make it available under a copy left license, hoping to make it useful to individuals while leaving the gate open for business engagement that wants to avoid copy left. Accepting a contribution, even relatively trivial, changes that ability. It is again something that each project and developer needs to come up with a policy for, but sweeping the problem under the rug is not a fair response @drewdevault yes exactly! This is why accepting or not accepting contributions is a choice, just like choosing to release the source under some license. My whole point is that it is not a clear cut black and white decision, and I can imagine myself making the same unpopular choice in certain circumstances. A copyleft+CLA project is just one particular way of trying to make non-proprietary, gratis software. Until this problem is solved, we will keep seeing people try possible solutions. @zygoon repeating myself, if you don't accept contributions then I am perfectly fine with you utilizing a dual licensing situation with a public copyleft+gratis license and a private permissive-for-a-fee license. But I assert that it is morally wrong to solicit uncompensated contributions from the public and ask contributors to sign a copyright assignment to keep the gravy train rolling based on someone else's work. @drewdevault, but the community does benefit from the original availability. I understand it is not a popular choice among the foss crowd, but I think we can recognize that maintaining asymmetry is one of the reasons the software is non-private to begin with. @zygoon no, I refuse to recognize this. I acknowledge the value that dual-licensed projects with a single copyright holder provide to their communities, and I support projects that choose to use this approach. I *do not* and *will not* recognize the right for commercial entities to retain sole right to the commercialization of a communal work. This defies the spirit of and social contract of free software. @drewdevault, how can a business close something that was not entirely owned? It cannot. It must start with the same owner releasing something significant enough to warrant asymmetric contributions (small) from the wider community. You can argue that over time, this is immoral, but the basic stance is too strong as the owner had every right to make that decision, and all the participants understood the deal. @zygoon I can and do argue that this is immoral from the start. It's not right. @drewdevault, but then you also say that all the contributors participated in immoral activity, and I think you can not make that claim for them without taking their agency away. @zygoon at no point during this discussion did I say that, as a matter of fact. That's victim blaming. @drewdevault I think I either don't understand something about your opinion or I can not make my opinion clearly enough. I wish we lived in a world without CLAs... @zygoon it's easy. If you solicit public contributions to a free software project, but ask them to assign the copyright to you, or offer you an exclusive right to sublicense the work, for commercial reasons, this is morally wrong. That statement makes no moral judgements upon the person who may or may not be presented with or sign the CAA. @drewdevault in your opinion, is that equally morally wrong as making proprietary software or is there a gradient there? @zygoon my objection to proprietary software is not based on morals per-se, so, the question doesn't really make sense, at least when you ask it of me in particular. @zygoon in any case, I don't like viewing morals as existing on a gradient in the first place. @drewdevault right but I think this is related: the alternative to the copyleft+CLA is, in many cases, full proprietary. I don't like it but I think it's in some ways better than not having the software in the public at all. @zygoon that's like saying the alternative to mugging is theft. Like, fuck you either way, right? @drewdevault wait, is it? I don't get it, how can you equate that. CLA is purely a business model. One of the very few in the FOSS world. @zygoon are you using "business model" here as some kind of magic word that hand waves away moral/ethical concerns @drewdevault no, it's really just a business model: someone hires a bunch of people to create some software and then releases that under *GPL + CLA hoping it gets popular and can be sold (either as a service or as license). There's no moral part there yet, it's just a decision to operate in this specific way. The moral decision is individual making the contribution. The rules are clear. @zygoon what the fuck are you talking about with the contributor making the moral exercise here This business model uses the free software value proposition to build a community, establish a market share, and get users dependent on their product, so that they can sell it later on, make it non-free, and coerce a community into paying for software that it helped build by popularizing it under the social contract of FOSS and also literally by contributing code to the damn thing. This is WRONG @drewdevault the contributors are not ignorant and CHOOSE to play along. They could have forked but didn't. The non-free angle is entirely up in the air: it's possible, I totally agree on that but it's not guaranteed. Only certain types of software is susceptible to being closed as a SAAS. GNU requires CLA for entirely different reasons but it's (more or less) clear why they do that. In both cases the contributor chooses to contribute under the rules set out by the project or fork or not. @zygoon most contributors ARE ignorant! And I am calling for them to fork it! This is exploiting the free software community for private gain in a manner wholey inconsistent with the ethos of free software, and it's fucked up. End of story. Goodbye. @drewdevault Would that work? And has it ever happened? Curious now. @jonasvautherin I would have no objections to this. And it does happen, but not generally by soliciting random code from the public, but just by hiring people to work on your FOSS project  Well, that depends on what the CLA says. Apache Software Foundation, for instance, has a CLA that states that ASF has the right to license the contributions under Apache License, and that your contributions are free of IP infringements (to your knowledge). Linux Foundation also seems to have a CLA, https://docs.linuxfoundation.org/lfx/easycla/v2-current/contributors/individual-contributor Does that mean we should fork every project from these foundations that we use? @niclas aye. I think this confusion is part of why I encourage projects to use the DCO instead of a CLA if they need to assert provenance. In some narrow cases doing something about patent grants is also a good idea in patent infested domains like A/V @drewdevault while morally the right thing to do, hard forking is in most cases simply not viable from a workload perspective. Especially as most projects requiring CLAs are single vendor projects, and I as a single developer cannot stem the workforce that the business behind it has. Sure I could've hard forked vagrant when they asked me to sign a CLA. But my fork would see next to no development and would simply die. @drewdevault If you need to sign an agreement to contribute, it is not free software anymore. That is my opinion. |
@drewdevault Or at the very least, understand what it is you're signing and make sure you are OK with what it means. Don't just sign it because you're told to in order to get your patch accepted.