Contributors mailing list archives


Re: Time to change our CLA

Open for Small Business, Graeme Gellatly
- 17/01/2016 18:02:38

Agree with Stefan. It is a requirement for OCA to function. Fundamentally you either trust the institution or you don't. Btw, my research showed overwhelmingly that developers trust OCA and community based organisations in many cases more than their own company.

On Mon, 18 Jan 2016 5:08 AM Stefan Rijnhart <> wrote:
On 16-01-16 08:52, Yajo wrote:
> > To the maximum extent permitted by the relevant law, You grant to Us
> a perpetual, worldwide, non-exclusive, transferable, royalty-free,
> irrevocable license under the Copyright covering the Contribution,
> with the right to sublicense such rights through multiple tiers of
> sublicensees, to reproduce, modify, display, perform and distribute
> the Contribution as part of the Material; provided that this license
> is conditioned upon compliance with Section 2.3.
> That means that you can wake up one day and realise that module you
> contributed last week under AGPL is today LGPL, BSD or Apache. Not fun
> either.
> IMHO it's time to drop that. Instead, the CLA should state that no
> contributions under non-OSI licenses will be taken, and that you get
> for granted that your contribution will never be sublicensed without
> your consent.

Hi Yajo,

I don't agree. The governance of the body of code in the OCA is one of
the main objectives of the OCA organization and this clause is essential
to guarantee the continuity of this body of work. I'm thinking of cases
in which Odoo relicenses to an AGPL incompatible but OSI approved
license, or in the case of an update to the AGPL (a future AGPL-4) from
which all contributors would benefit. Remember that the Linux kernel
could not switch to GPL-3 because it would be unfeasible to track all
individual contributors to ask their permission (for instance, because
they are no longer amongst us).

Note that section 2.3 of Community Association-Individual.pdf
mentions that contributions can only ever be relicensed under an OSI
approved license. In combination with the layered structure of
membership organization which protects the OCA against a hostile
takeover, that is good enough for me.

Best regards,

Post to: