Feeds

'Harmony' for open source contributors on horizon

Just don't mention the Canonical bit

The Power of One Brief: Top reasons to choose HP BladeSystem

A controversial push to establish clear-cut rules for contributing to open source projects is nearing completion.

Project Harmony – no, not that Project Harmony – has spent a year collecting feedback on how to refine terms governing contributors to open source projects, and it's scheduled to wrap up this effort on June 23. Shortly thereafter, version 1.0 of the Project Harmony rules will be officially released. The idea, organizers say, is to make participation in open source projects easier.

The question is whether companies, projects, and individuals will actually use the new rules. Some have already taken exception to Harmony (here), principally because one of its primary backers is Ubuntu daddy Canonical.

Canonical general legal counsel Amanda Brock started Harmony in May 2010. Brock tells us that Harmony has received contributions from more than 100 people in over 60 organizations, including developers and lawyers.

Last year, Ubuntu introduced its own contributor agreement in a move that angered some. Developers complained that copyright for contributions is granted to Canonical, a commercial entity, and that Canonical reserves the right to change the license under which it releases contributions.

Canonical's Contributor Agreement (here) does not cover the Ubuntu crown jewels. It covers other projects, including Ubuntu One, Unity, and Update Manager.

Brock told The Reg that she started Harmony because she was frustrated by the number of different and confusing contribution agreements used by Canonical's projects.

While some suspect Canonical of trying to foist something unwanted on the community which benefits only Canonical's bottom line, one of Harmony's contributors told us the idea is to improve contributions to open source by removing some of the hurdles associated with contributor agreements.

Contributor agreements aren't essential to open source projects, but having one in place does help project owners and contributors know exactly where they stand as projects grow or change ownership, as was the case when Sun Microsystems was eaten by Oracle.

Creating your own contributor agreements can be costly and time-consuming. And as Canonical has discovered to its cost, doing so is not guaranteed to deliver satisfaction.

Allison Randal, former president of the Perl Foundation, tells The Reg that, working with others in the community, she spent a "good year" devising a contributor agreement for Perl 5 and 6. That license was the Artistic License, approved by the Open Source Initiative (OSI). "I've found lawyers tend to go for dense legalese and there's always a clearer way of saying it, so developers can understand what it is they are trying to say. We spent a good year on this, picking through the details to refine and refine and refine," she says.

Harmony does not prescribe a single contributor agreement. It quickly became apparent that wasn't possible, Randal says, because projects have different values, licenses, and procedures. Instead, the idea is to establish a common set of clear-to-understand options in a kind of modular framework. Deevelopers will be able pick and choose what they want – and in theory, companies will become familiar with the setup through repeated exposure.

Harmony uses simple language to separate individual from corporate contributions, covers copyright assignment, has an "outbound license" section that tackles what promises the project makes to the contributors on how it might plan to use their code contributions, and provides options to release code under different licenses in the future.

"I do hope it will increase the number of contributions back to OS, in that it can remove some of the roadblocks," Randall says. "A lot of the times companies don't contribute back, it's not because they don't want to - they get hung up on the legalities of 'How do I contribute back?'"

She recounts a particular problem from her past when trying to navigate open-source contributions. "I had a developer contribute to a project ... but I couldn't use what he'd done because it took six months for his company to sign off. Having something like Harmony that has six options and is widely used means lawyers can say: 'This is a Harmony agreement, I already know it, we can get some of the page'."

After the beta review of Harmony next week, the follow-on step is adoption.

Here Randall is pragmatic. It will be a grassroots thing, but will likely require the stature of an IBM to pick up the agreement for others to either accept Harmony – or realize it even exists.

But critics will likely still be skeptical of the project's true motives. At this point, it's not clear whether even Canonical will adopt Harmony. Brock told us the company would have to wait and see the final results of Harmony after next week.

"We have one contribution [agreement], and we continue to use this whilst we await the final Project Harmony output," she said. ®

Seven Steps to Software Security

More from The Register

next story
Secure microkernel that uses maths to be 'bug free' goes open source
Hacker-repelling, drone-protecting code will soon be yours to tweak as you see fit
KDE releases ice-cream coloured Plasma 5 just in time for summer
Melty but refreshing - popular rival to Mint's Cinnamon's still a work in progress
NO MORE ALL CAPS and other pleasures of Visual Studio 14
Unpicking a packed preview that breaks down ASP.NET
Cheer up, Nokia fans. It can start making mobes again in 18 months
The real winner of the Nokia sale is *drumroll* ... Nokia
Put down that Oracle database patch: It could cost $23,000 per CPU
On-by-default INMEMORY tech a boon for developers ... as long as they can afford it
Another day, another Firefox: Version 31 is upon us ALREADY
Web devs, Mozilla really wants you to like this one
Google shows off new Chrome OS look
Athena springs full-grown from Chromium project's head
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Application security programs and practises
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Securing Web Applications Made Simple and Scalable
Learn how automated security testing can provide a simple and scalable way to protect your web applications.