Eclipse Foundation. Provenance and Licensing Considerations. Eclipse IP Team November 2008

Similar documents
IP for Eclipse Committers. Janet Campbell Director, Intellectual Property Legal Counsel and Secretary Eclipse Foundation, Inc.

IP Issues in Open Source

Eclipse Collaborative Development

The Eclipse Development Process for Committers

ECLIPSE FOUNDATION, INC. INDIVIDUAL COMMITTER AGREEMENT

BCDC 2E, 2012 (On-line Bidding Document for Stipulated Price Bidding)

EMF Compare Ganymede Simultaneous Release

EMFT Mint (Incubation) 0.7 Ganymede Simultaneous Release Review

TPTP 4.7 Release Review -- One Quick Foil What s new

Eclipse Data Tools Platform (DTP) 1.8 Release Review. Eclipse DTP PMC May 28, 2010

Ecma International Policy on Submission, Inclusion and Licensing of Software

Installing Your Microsoft Access Database (Manual Installation Instructions)

End User Licence. PUBLIC 31 January 2017 Version: T +44 (0) E ukdataservice.ac.uk

FLUENDO GENERIC EULA

IETF TRUST. Legal Provisions Relating to IETF Documents. February 12, Effective Date: February 15, 2009

Instructions for Using NERC s Online Membership Application Form

CA File Master Plus. Release Notes. Version

PRIVACY POLICY CHILDREN S PRIVACY

Schedule Identity Services

Avaya Software Keycode Installation Guide

Additional License Authorizations for HPE OneView for Microsoft Azure Log Analytics

EMF Compare Galileo Simultaneous Release

IETF TRUST. Legal Provisions Relating to IETF Documents. Approved November 6, Effective Date: November 10, 2008

IAB Europe Transparency & Consent Framework Policies

Annenberg Public Policy Center Sensitive National Annenberg Election Survey Data 1 Access: Application

User Terms of Service

EMF Ganymede Simultaneous Release

Tools for mobile Linux Release Review Dec 2009

SERVICE DESCRIPTION & ADDITIONAL TERMS AND CONDITIONS VERSIEGELTE CLOUD. Service description & additional terms and conditions VERSIEGELTE CLOUD

HCM Instructions. Tip: Use the Magnifying Glass to search for values. Click the Add button to start a new request. 2/5/16 Page 1 of 8

Ecma International Policy on Submission, Inclusion and Licensing of Software

OCTOSHAPE SDK AND CLIENT LICENSE AGREEMENT (SCLA)

Terms and Conditions 01 January 2016

CERTIFIED MAIL LABELS TERMS OF USE and PRIVACY POLICY Agreement

Ferrous Metal Transfer Privacy Policy

University of Wisconsin-Madison Policy and Procedure

PRIVACY NOTICE FOR PROGRAMME APPLICANTS

REGULATION BOARD OF EDUCATION FRANKLIN BOROUGH

Object Constraint Language (MDT OCL) 1.3 Galileo Simultaneous Release Review

Release Notes for Avaya Aura Appliance Virtualization Platform Release

The Open Group Professional Certification Program. Accreditation Requirements

ICORS Terms of Service

Eclipse Foundation, Inc. Copyright 2005 by Intel, IBM, Scapa Technologies and others and made available under the EPL v1.0 1

Office Properties Income Trust Privacy Notice Last Updated: February 1, 2019

Zest: Move Review. Transition from Mylyn to GEF. Component Lead: R. Ian Bull. University of Victoria & IBM Centre for Advanced Studies

OpenFlow Trademark Policy

Equinox Project 3.6 Release Review

TD-04 Contributed Software Attribution Policy

Business Process Framework (etom)

Swissmeda Data Policy and Privacy Statement (Referred to as Swissmeda Data Policy )

Using Manage Alarm Tool

Site Impact Policies for Website Use

FOSS Training Reference Slides for the OpenChain Specification 1.1

MICHIGAN INTERNATIONAL SPEEDWAY KIDS CLUB PRIVACY POLICY

Security Audit of FuzeX Smart Contract This report is public. ChainSecurity Ltd. January 11, 2018

Eclipse Packaging Project

CURRICULUM. Core FOSS Compliance Version 1 Designed for Version 1 of the OpenChain Specification

Release Date: Aug 17, 2012 Purpose: Software maintenance release to support the Secure Router product.

Embedded Rich Client Platform (ercp) 1.0 Release Review

How to Register for NHPNet

Acceptable Use Policy (AUP)

Sonatype CLM - IDE User Guide. Sonatype CLM - IDE User Guide

The Forms Inventory Tool 2.0. A Brief Guide to the Public Forms Tool

Privacy Policy... 1 EU-U.S. Privacy Shield Policy... 2

TERMS AND CONDITIONS

Avaya Aura Call Center Elite Multichannel Documentation Roadmap

Bring Your Own Device

How to complete your Accessibility Compliance Report. A guide for designated public sector organizations

Building Information Modeling and Digital Data Exhibit

Page 1 of Matthews Mint Hill Road, Suite C; Matthews, NC Phone Fax

We start by providing you with an overview of the key feature of the IBM BPM Process Portal.

Myplay Privacy Policy

SMS SERVICE PROVISION

IP Office 9.0 IP Office Server Edition Reference Configuration

Unified Modeling Language (MDT UML2) 3.0 Galileo Simultaneous Release Review. 4 June, 2009

PRIVACY POLICY OF THE WEB SITE

Avaya Callback Assist Considerations for Avaya Call Management System

OpenChain Specification Version 1.2 pc6 (DRAFT) [With Edit Markups Turned Off]

International Client Centre Terms and Conditions V.1.0 Page 1

2012 Microsoft Corporation. All rights reserved. Microsoft, Active Directory, Excel, Lync, Outlook, SharePoint, Silverlight, SQL Server, Windows,

Update on IANA Stewardship Transition

Avaya CallPilot Mini Message Networking User Guide

Avaya Aura Contact Center Documentation Roadmap

Terms of Use or the SMS Notification Service

IP Office Intuity Mailbox Mode User Guide

Sisu Super Computing Service Service Level Agreement

Bar Code Discovery. Administrator's Guide

Timber Products Inspection, Inc.

In this policy, whenever you see the words we, us, our, it refers to Ashby Concert Band Registered Charity Number

TMDD Standard v03.03c Errata

The Table Privacy Policy Last revised on August 22, 2012

E RADAR. All Rights Reserved. Acceptable Use Policy

Version 2.0. How To: Request User Access

CALSTRS ONLINE AGREEMENT TERMS AND CONDITIONS

PRIVACY NOTICE ST BENEDICT S HOSPICE SUNDERLAND, LTD

BRING YOUR OWN DEVICE: POLICY CONSIDERATIONS

Understanding the Open Source Development Model. » The Linux Foundation. November 2011

WSDM = Web Services Distributed Management, an open standard/specified ratified by OASIS

BCS Professional Certification Group Operations Fraudulent Activity Policy Fraudulent Activity and Plagiarism Policy April 2016 March 2018

OCR Interchange Service Agreement

Transcription:

Eclipse Foundation Provenance and Licensing Considerations Eclipse IP Team vember 2008

Table of Contents EPL Code Review Considerations Contributions Commits Moves to Eclipse n-epl Code Review Considerations Provenance for projects hosted outside Eclipse n-epl License Terms n-epl Tips and Tricks

EPL Code Review Eclipse-licensed code can be Contributed, or Committed, or Moved to Eclipse In any of these scenarios, Eclipse considers: Code provenance Purpose: to establish a reasonable comfort level that the content being proposed is being contributed rightfully by the copyright owners, authors and contributors under the EPL license. This exercise serves to mitigate risk to Eclipse projects, members and downstream consumers of becoming involved in a legal action, or having their use of the software disrupted by sudden removal of improperly contributed code. License terms Purpose: to determine if the proposed content currently is or can be licensed under the Eclipse Public License (EPL).

EPL Code Provenance - Contributor Submitted Eclipse Contributions Must be Submitted via Bugzilla and accepted by the project Project Committer must Confirm the Contribution: 1. Is Developed from Scratch (without incorporating content from elsewhere or relying on the intellectual property of others) ; and 2 Is 100% EPL Code Contributions < 250 LOCs Contributor must confirm on Bugzilla: (a) wrote 100% of the code; (b) that they have the right to contribute the code to Eclipse; and (c) the file header contains the EPL License header. Contributions > 250 LOCs Contributor must confirm on Bugzilla: (a) wrote 100% of the code; (b) that they have the right to contribute the code to Eclipse; and (c) the file header contains the EPL License header. Code provenance is clear Eclipse Employer Consent Form (may be required) The ECF provides consent of employer of any individual committer that contributions owned by employer or employee will be provided in compliance with the Eclipse Public License and the Eclipse.org Terms of Use.

EPL Code Provenance - New Project Initial Commit Initial Project Commit Kick Off Initial project code is donated by initial committers to the approved project. Committers are covered by Agreements and/or Employer Consents Dos any code originate From outside the initial project committers? Will the project clarify provenance for the content not covered by committers? 1/2 Code provenance is clear Content related to unclear Code cannot be approved 1. For each individual, seek the following information (replacing X with the project s name, and Y with the EPL License): a] Did you agree to contribute the code to the X project, to be licensed as open source under the EPL license agreement? b] Did you [yourself] write the code you contributed to the X project? c] Does anyone else have rights to the code you contributed? [For example, did you have an agreement with an employer giving the employer rights to all code you wrote during that time?] d] Can you estimate how much code you contributed to the X project? *Optional: e] Do you know of any contributions to the X projects which were improperly copied from someone else? *Optional: f] Do you know of any code in X to which a third party has rights inconsistent with the EPL license? 2. Employer Consent Form may be required - http://www.eclipse.org/legal/committer_process/employer_consent.pdf

EPL Code Provenance - Committer Submitted Eclipse committers are covered under Committer Agreements and/or an Employer Consent Form Member Committer Agreement ensures all members committer s current and future contributions will be in compliance with the Eclipse Public License and the Eclipse.org Terms of Use. Individual Committer Agreement ensures individual s current and future contributions will be in compliance with the Eclipse Public License and the Eclipse.org Terms of Use. Code provenance is clear Eclipse Employer Consent Form provides consent of employer of any individual committer that contributions owned by employer or employee will be provided In compliance with the Eclipse Public License and the Eclipse.org Terms of Use. 1. Eclipse Member Committer Agreement - http://www.eclipse.org/legal/eclipsemembercommitteragreementfinal.pdf 2. Eclipse Individual Committer Agreement - http://www.eclipse.org/legal/committer_process/eclipseindividualcommitteragreementfinal.pdf 3. Eclipse Employer Consent Form - http://www.eclipse.org/legal/committer_process/employer_consent.pdf 4. Eclipse Public License - http://www.eclipse.org/org/documents/epl-v10.php 5. Eclipse Terms of Use - http://www.eclipse.org/legal/termsofuse.php

EPL Code Provenance - Move of Code To Eclipse STEP ONE: Is there a publicly available, clear contribution mechanism in place for the project? 1 Eclipse IP team asks the project: Does the project have a subtle or private repeatable mechanism 2 through which they ask contributors to confirm code provenance? 1 Will the project clarify provenance for this specific version? 3 Code provenance is clear Code will not be approved for use within Eclipse. 1. Were contributors asked to acknowledge in writing via CLA or some other standardized medium that (a) they authored the code; and (b) nobody else has an interest in or claim to the intellectual property rights (an employer, for instance) and; (c) the intellectual property owner consents to release it as open source under the EPL license. 2. E.g. All contributors confirm answers to these questions via email, or all contributors are asked to submit bugs through a portal which requires the submitter to confirm they own the code, have the rights to contribute it, and consent to its release under the project s license. 3. For each individual, seek the following information (replacing X with the project s name, and Y with the EPL license): a] Did you agree to contribute the code to the X project, to be licensed as open source under the EPL license agreement? b] Did you [yourself] write the code you contributed to the X project? c] Does anyone else have rights to the code you contributed? [For example, did you have an agreement with an employer giving the employer rights to all code you wrote during that time?] d] Can you estimate how much code you contributed to the X project? *Optional: e] Do you know of any contributions to the X projects which were improperly copied from someone else? *Optional: f] Do you know of any code in X to which a third party has rights inconsistent with the EPL license?

n-epl Code Review High level: Eclipse considers Code provenance Purpose: to establish a reasonable comfort level that the project has taken measures to ensure that the code was rightfully contributed to the project under its chosen license. This exercise serves to mitigate risk to committers, members and downstream consumers of becoming involved in a legal action, or having their use of the software disrupted by sudden removal of improperly contributed code. License terms Purpose: to determine whether the n-epl project is compatible with the Eclipse Public License (EPL) and the objectives of the Eclipse community.

Code Provenance STEP ONE: Is there a publicly available, clear contribution mechanism in place for the project? 1 Eclipse IP team asks the project: Does the project have a subtle or private repeatable mechanism 3 through which they ask contributors to confirm code provenance? 1 Did the project bundle code from another third party project? 2 Will the project clarify provenance for this specific version? 4 Starting at STEP ONE, repeat this process for every distinct project from which third party files are bundled. Code provenance is clear Code will not be approved for use within Eclipse. 1. Are contributors asked to acknowledge in writing via CLA or some other standardized medium that (a) they authored the code; and (b) nobody else has an interest in or claim to the intellectual property rights (an employer, for instance) and; (c) the intellectual property owner consents to release it as open source under the project s license. 2. Provenance checks must be performed on each project from which n-epl code originates. Many open source projects pull / bundle code from other projects, so this step may be repeated many times. 3. E.g. All contributors confirm answers to these questions via email, or all contributors are asked to submit bugs through a portal which requires the submitter to confirm they own the code, have the rights to contribute it, and consent to its release under the project s license. 4. For each individual, seek the following information (replacing X with the project s name, and Y with the license used by the project): a] Did you agree to contribute the code to the X project, to be licensed as open source under the Y license agreement? b] Did you [yourself] write the code you contributed to the X project? c] Does anyone else have rights to the code you contributed? [For example, did you have an agreement with an employer giving the employer rights to all code you wrote during that time?] d] Can you estimate how much code you contributed to the X project? *Optional: e] Do you know of any contributions to the X projects which were improperly copied from someone else? *Optional: f] Do you know of any code in X to which a third party has rights inconsistent with the Y license?

n-epl License Terms Projects hosted at Eclipse are provided under the EPL, unless the Board unanimously approves another licensing model. If the project is hosted under another license, re-licensing may be possible. For more information contact emo-ip-team@eclipse.org. Inclusion of non-epl material in the Project is permitted if the license has been approved for use at Eclipse. Please see a subset of approved licenses posted in a note leading from Figure 19 on page 2 of the Eclipse Due Diligence poster. te many third party licenses are customized versions of popular open source licenses. Some customizations may introduce restrictions which render a license incompatible for use within Eclipse. E.g. The BSD is approved for use within Eclipse. However, if a copyright owner modifies the BSD such that it excludes a license for the development of nuclear devices, that renders the license incompatible for use within Eclipse. One license or many? Many n-epl packages declare the code is provided under one license. Further examination may reveal that files from other third party packages with distinct license terms may be bundled.

n-epl Tips and tricks Can you use a subset? Provenance Sometimes the lack of clarity on provenance is limited to a set of files that are bundled with the package, but originate from another third party. License Sometimes the license concerns are limited to a set of files carrying a distinct license that are bundled with the package, but originate from another third party. Where the removal of the bundled files may effectively resolve provenance and/or licensing concerns, the IP team will ask if the use of a subset is viable from a technical perspective. Do you know anyone working on the n-epl project? If you do, please let us know! We may ask for your help in clarifying provenance or license concerns, to the extent any arise. E.g. In the event there is a licensing incompatibility, there may be instances where the n-epl project would be both willing and able to offer the package under another license that has been approved for use within Eclipse.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback