[Spread-users] CVS access to Spread
Jon Stevens
jon at latchkey.com
Wed Aug 22 21:04:47 EDT 2001
on 8/22/01 11:10 AM, "Theo Schlossnagle" <jesus at omniti.com> wrote:
> First off, through prevalent, anonymous CVS access is not an required
> part of OSS.
Nope. However, I will assert that truly successful OSS projects with lots of
committers do have anonymous CVS access.
> The idea is "open" (Open Source Software). The Spread
> community is currently small enough and the project's core is
> complicated enough that "open" CVS access should be perfectly acceptable.
>
> Open CVS access is just as good and it apparently gives the Spread
> maintainers what they want (which is seeing who is using it -- readonly
> or not). My interpretation of the the announcement of CVS access didn't
> say anything about restricting it to certain people. It just said, mail
> in for a password. I understood it as "everyone who wants access gets
> it."
>
> Personally, I don't like pserver. I would never set up anonymous CVS in
> that fashion if given the choice. I _always_ try to set up CVS over ssh
> only.
I hear your preferences, however reality is that it is possible to setup
anonymous :pserver: to point to a directory of symlinks. This provides
security.
Read:
<http://cvs.apache.org/viewcvs.cgi/CVSROOT/README.txt?rev=1.4&content-type=t
ext/vnd.viewcvs-markup>
> As for creating an anonymous account with no password as a
> readonly CVS user over ssh... Maybe that is a solution (and IMNSHO a
> good one).
What *exactly* does that gain you other than higher overhead for everyone
involved?
> Are you familiar with copyright and licensing?
Of course I am. I have been dealing with contributing to and managing large
scale OSS projects for the last 5+ years and in smaller amounts for 5 years
before that (I used to port a lot of software to A/UX, including X11R6v4)...
> You cannot merge
> contributions into a project if they are inappropriately licensed and
> copyrighted. This the reason that the FSF has the painful assignment of
> copyright rigamarole. This, to most people, is annoying. If instead
> the maintainers require that contributions be licensed under a specific
> compatible license (like BSD, MIT X11, etc.), then there are no issues.
Simple solution (that the ASF employees):
Contributions are required to be under the ASF License (in your case,
Spread's License) and copyright to the ASF (in your case, the same copyright
that Spread is under).
I just saw the other message from Yair confirming this...
> Currently, there are no guidelines on the contributions to Spread. I
> believe what they are saying is that they are setting guidelines so that
> there will be no legal problems accepting contributions. Please don't
> stand in their way.
Where did you get that I'm standing in anyone's way or even trying to? I
want things open. Nothing more, nothing less.
>> That is because no one could use it commercially.
>
> I assume you meant that no one could use it commercially without
> obtaining a license?
Correct.
> Ben gives many of us here at CNDS advice on a regular basis. I consider
> his advice invaluable as I am sure the Spread maintainers do too. There
> are several other Open Source maintainers that we work with regularly
> here, and we try to draw on all of the knowledge and attend to there
> recommendations.
Great. I also volunteer to provide guidance if you want it. I have a lot of
experience running OSS projects.
-jon
More information about the Spread-users
mailing list