[Zope] Re: The Zope Software Certification Program and Common Repository Proposal

Andrew Milton akm at theinternet.com.au
Tue Feb 21 07:15:15 EST 2006 

+-------[ Philipp von Weitershausen ]----------------------
|
| > | * putting a project/package under the wings of the ZF ensures long-term
| > | IP protection
| > 
| > How? I think my death + 70 years is further away than the death of ZF, or in
| > fact the death of Zope.
| 
| But the end of your commitment to this particular software and/or Zope
| might not be so far. Hunting developers down for getting their approval
| of a license change or something like that after 5 years or so would be
| a considerable pain.

One wonders, why you NEED to change the license of someone else's code.
You take some Open Source code. You put it in your repository where you can
work on it. You don't need to own it to work on it. You don't need to own it
to package it up. You don't need to own it to put it into svn.

This is of course a distraction from the main question about the
repository, not the who owns what and why, which has been beaten to death 
in a hundred other discussions.

| > Requiring IP Handover? Makes a mockery of the Open Source movement. 
| 
| Plone does it, ASF does it, FSF does it. Seems to work.

The proposal currently requires 3rd party code to be handed over to Zope
Foundation[1] AND checked into the ZF svn repository in order to be 
'certified'. You indicated this was indeed the case.

So in order to gain ANY level of certification, even "Listed" Zope Foundation 
has to own the code. If Zope Foundation actually owns the code it's no longer 
3rd party code is it?

It is therefore impossible for anyone outside of Zope Foundation to actually 
gain certification. Gaining certification is pointless (to an author), since 
making changes to code that's not in the zope svn repository, would obviously 
have to void the certification (being in the zope svn repository is a
necessary, (but not sufficient) part of being certified).

So once again, I think another kind of compliance programme would be far more
beneficial for the majority of Zope Users. Once again this could to a certain
level be achieved by having packaging tools to ensure that ANY code released
WOULD be able to gain at least LISTED level IF they had given it to ZF AND 
checked it into the repository. Yes like a .jar file (OK we all know they're
zip files with some fluff, that doesn't make them bad).

[1] Let's just assume Zope Foundation for the purposes of this discussion.

-- 
Andrew Milton
akm at theinternet.com.au

More information about the Zope mailing list