
I will not sign the CLA for less than $100, payable in Bitcoins in advance - williamstein
https://github.com/datastax/nodejs-driver/issues/33#issuecomment-90071348
======
Someone1234
I may be misreading the Contributor License Agreement Wikipedia page, but it
seems to me that the core reason why CLAs exist is to undermine the core
concept of OSS software. Essentially it allows some company to randomly re-
license free contributions to turn them private/for-profit.

The fact that your contributions are now effectively owned by DataStax and
then licensed back to the people who actually wrote them(!) gives me a very
bad feeling, like you've just become an unpaid employee of DataStax.

I will fully admit that I haven't read DataStax's CLA in full, but that is
because I cannot without giving them access to my GitHub account...

PS - I understand that the FSF does this also, but the FSF isn't a for-profit
company so apples and oranges in my view.

~~~
pyre
> Essentially it allows some company to randomly re-license free contributions
> to turn them private/for-profit.

On the other hand, without signing over your rights, you can effectively hold
up a project from moving forward. For example, if a project wanted to move
from GPLv2 to GPLv3, IIRC, you can't do that without the permission of all
contributors unless they have signed over their rights. And as @trestletech
has pointed out not all contributors are created equal[1].

One the one hand, you have people making significant contributions (and you
don't want to just stomp all over them), on the other hand you could have
people making tiny contributions, yet are holding up everyone else.

[1]: [https://github.com/datastax/nodejs-
driver/commit/6f3c6b2f454...](https://github.com/datastax/nodejs-
driver/commit/6f3c6b2f4543487a8a4c2ff04d88a500c4772298)

~~~
ta82828
A contributor can have legitimate reasons for not wanting their code re-
licensed. For example, the Linux kernel deliberately did not move to GPLv3.
Would such a contributor be "holding the project up" or would they be rightly
demanding that the license under which they contributed code be honored?

Obviously the devil's in the details of the terms of the CLA. I had previously
thought the purpose of the CLA was to allow the projects organizers to make
copyright claims in court, not to allow them to re-license.

~~~
pyre
My "holding up the project" comment was more in relation to people that make
small contributions (e.g. correct spelling mistakes and/or typos), but
(maybe?) legally still need to sign off on a relicense. In this case, it
really comes across as petty to put up a huge fight.

~~~
icebraining
What huge fight? The guy is just saying that he isn't willing to invest the
time in understanding the full implications of the contract he's being asked
to sign, and that they can pay him if they want him to bother. At a very
reasonable rate, I might add, considering he's a software developer and that
carefully reading a CLA might take an hour or more.

~~~
pyre
I wasn't aiming in particular at this person with the "huge fight" part.

------
epaulson
I won't sign Apache/Google-style CLAs either, because there's no way to
terminate the agreement for any future contribution. Once you've signed,
you're bound forever that anything you "submit" is a contribution - and
basically everything is a contribution - from Google's CLA:

    
    
      For the purposes of this definition, "submitted" means any
      form of electronic, verbal, or written communication sent
      to Google or its representatives, including but not limited
      to communication on electronic mailing lists, source code
      control systems, and issue tracking systems that are 
      managed by, or on behalf of, Google for the purpose of
      discussing and improving the Work, but excluding
      communication that is conspicuously marked or otherwise
      designated in writing by You as "Not a Contribution."
    

For example, if you so much as talk to a Googler at the airport bar about a
project you've signed a CLA for, bam, it's a contribution unless you remember
to be explicit about saying "This is not a contribution". On the other hand,
if you don't sign, only things that you explicitly mark as a contribution or
otherwise suitably license are contributions, and someone who's signed the CLA
is free to integrate it without needing to ask you.

I don't want some agreement following me around for life, and I don't want to
have to disclose to every future employer that "Oh yeah, I've got an agreement
with X that unless I remember to say otherwise X gets the rights to use it".

I'd sign a CLA that included a clause that said "This agreement may be
terminated by either party in writing. Terminating this agreement does not
revoke any licenses granted to the project while the agreement was in force."

------
trestletech
chmac's single, substantive contribution to the project:
[https://github.com/datastax/nodejs-
driver/commit/6f3c6b2f454...](https://github.com/datastax/nodejs-
driver/commit/6f3c6b2f4543487a8a4c2ff04d88a500c4772298)

~~~
gburt
I think he still has a point. Perhaps not for him in particular on this
project.

~~~
trestletech
I think he all-the-more has a point: that he shouldn't waste his time reading
and signing some scary contract to be able to contribute a correction of a
typo.

------
tjake
The CLA protects users of the software from contributors coming back later and
saying: "Hey I own that code and now you need to pay me!" Apache projects in
general rely on CLA documents.

It's totally in the right of the contributor to refuse to sign this document.
But don't expect your contributions to be applied, or work on any Apache
licensed projects :)

~~~
mordocai
I am not a lawyer, but I'm pretty sure that how non-cla open source projects
handle it also protects them from that eventuality.

All contributors are required to say "This code is released under X license"
which prevents the person from later coming back and asking for money for them
to use the code.

Edit: Assuming my above comment is correct, what this means is that the only
real point of a CLA that I'm aware of is to allow the owner of the CLA to
change the license on code without asking the contributors.

~~~
blumkvist
I think the point is that if a project is big enough, it will inevitably go to
court at some point (probably at many points). Having a CLA will make this a
lot less expensive for the project maintainers.

~~~
icebraining
Why is it cheaper with a CLA?

~~~
mikeryan
Because the Contributors, in advance, have already agreed to confer a certain
set of IP rights to the mainter and manager with respect to the code they've
contribute. This means there's less questions during litigation about the
rights to the code the maintainer holds and prevents the maintainer from
having to track down individual contributors during a lawsuit.

------
th0br0
As they're releasing the code under Apache 2.0 anyway, what is the motivation
for having contributors sign an additional CLA?

I'd much rather see them use a Contributor License Agreement (e.g. the Harmony
ones that Canonical uses [1]) than requiring the contributors to assign their
rights to the source code (which he or she might not be able to do legally).

[1] [http://harmonyagreements.org](http://harmonyagreements.org)

~~~
pyre
Those contributors contributed when it was _not_ under the Apache license.
They either need to get all rights assigned to them (DataStax) and then they
can relicense it under Apache, or they need to get all contributors to agree
to relicense under Apache. Looks like they are taking option 1 because it will
make relicensing less of a headache in the future if it becomes necessary.

~~~
th0br0
Ah, thanks. That part was missing from the issue.

------
pimlottc
Ignoring the issue of CLAs, I can't help but find the "You did it!"
confirmation message a bit patronizing.

------
jhugg
That doesn’t seem like a terrible deal. $100/per CLA wouldn’t even be that bad
for a thousand CLAs, i.e. it would scale for a while.

