From 108bbc9141ed9f14e245b8026de636ea7493a6d5 Mon Sep 17 00:00:00 2001 From: Troy McConaghy Date: Fri, 21 Dec 2018 17:22:33 +0100 Subject: [PATCH 1/4] Added 'Legal Requirements when Contributing Code' --- content/concepts/contributing.md | 8 ++++--- content/concepts/legal-reqs.md | 37 ++++++++++++++++++++++++++++++++ data/sidebars/concepts.yml | 2 ++ 3 files changed, 44 insertions(+), 3 deletions(-) create mode 100644 content/concepts/legal-reqs.md diff --git a/content/concepts/contributing.md b/content/concepts/contributing.md index 5b95126c..ee616e45 100644 --- a/content/concepts/contributing.md +++ b/content/concepts/contributing.md @@ -49,8 +49,10 @@ See the page about [bounties](/concepts/bounties/). ## Help Develop Core Ocean Software -Right now, we're not really set up to accept core code contributions from external developers, except via the bounties mentioned above. In the future, we hope to have policies and processes that empower anyone to contribute. +- Read and understand the [legal requirements when contributing code](/concepts/legal-reqs/). +- Look through the [dev-ocean repository on GitHub](https://github.com/oceanprotocol/dev-ocean). It summarizes Ocean Protocol software development practices and policies. -If you'd like to follow what the core dev team is doing, a good place to start is the dev-ocean repository on GitHub. + - +- Ask technical questions in the [Ocean Protocol chatroom on Gitter](https://gitter.im/oceanprotocol/Lobby). +- Find repository-specific development notes in each repository (usually in the root `README.md` file). diff --git a/content/concepts/legal-reqs.md b/content/concepts/legal-reqs.md new file mode 100644 index 00000000..f8ef821f --- /dev/null +++ b/content/concepts/legal-reqs.md @@ -0,0 +1,37 @@ +--- +title: Legal Requirements when Contributing Code +description: If you want to contribute code to Ocean Protocol, then you must read and understand this page. +--- + +## Ocean Protocol Software Licensing + +All Ocean Protocol code (software) is licensed under open source licenses (usually Apache 2.0). This page describes our policy to ensure that all contributions to the Ocean Protocol code are also licensed under the appropriate open source license (and that the contributor has the right to license it as such). + +There are three different cases: + +1. If you're an employee of BigchainDB GmbH or DEX Pte Ltd then the copyright in your code contribution belongs to your employer. BigchainDB and DEX, in turn, are contributing to Ocean Protocol under contract with the Ocean Protocol Foundation Ltd, and all the code they contribute to Ocean Protocol is licensed under appropriate open source licenses. There's nothing extra for you to do. +1. If you're contributing code to complete a [bounty](/concepts/bounties/), then you agreed to terms and conditions such that your contributed code can be licensed under appropriate open source licenses. There's nothing extra for you to do. +1. Otherwise, you must do the following: + - At the top of every file you've modified, add license comment lines similar to the following, unless lines like these are already present: + + ```text + # Copyright Ocean Protocol contributors + # SPDX-License-Identifier: Apache-2.0 + ``` + + You can determine the license by looking in the file named `LICENSE` in the root of that file's repository. + The comment lines will begin with different symbols depending on the file type. For example, Python comment lines begin with a `#`. + - Read and understand the [Developer Certificate of Origin](https://developercertificate.org/). + - Include a Signed-off-by line at the end of all your Git commit messages, like: + + ```text + Signed-off-by: Joe T Pots + ``` + + You must include your real name and a real email address. Fake people can't hold or license copyrights. + +> Tip: You can include a Signed-off-by line automatically by using `git commit --signoff` or `git commit -s`. + +## The Future + +In the future, the Ocean Protocol Foundation will dissolve and the policy will probably change to work more like the Linux Kernel, where _every_ contributor must include a Signed-off-by line in all Git commits. If you're curious, see the Linux Kernel document "[Submitting patches: the essential guide to getting your code into the kernel](https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/Documentation/process/submitting-patches.rst)" especially the section titled "Sign your work - the Developer's Certificate of Origin." diff --git a/data/sidebars/concepts.yml b/data/sidebars/concepts.yml index bf511bb2..5f730d21 100644 --- a/data/sidebars/concepts.yml +++ b/data/sidebars/concepts.yml @@ -28,6 +28,8 @@ link: /concepts/bounties/ - title: Reporting Vulnerabilities link: /concepts/vulnerabilities/ + - title: Legal Requirements when Contributing Code + link: /concepts/legal-reqs/ - title: Engineering Principles link: /concepts/principles/ - title: Code of Conduct From df60cae17b6a343a3afdc4c41c10915e324d7c0b Mon Sep 17 00:00:00 2001 From: Troy McConaghy Date: Mon, 24 Dec 2018 11:02:43 +0100 Subject: [PATCH 2/4] Revised legal-reqs page. Repo must have DCO copy. --- content/concepts/legal-reqs.md | 42 +++++++++++++++++++--------------- 1 file changed, 24 insertions(+), 18 deletions(-) diff --git a/content/concepts/legal-reqs.md b/content/concepts/legal-reqs.md index f8ef821f..fec5edc3 100644 --- a/content/concepts/legal-reqs.md +++ b/content/concepts/legal-reqs.md @@ -5,30 +5,36 @@ description: If you want to contribute code to Ocean Protocol, then you must rea ## Ocean Protocol Software Licensing -All Ocean Protocol code (software) is licensed under open source licenses (usually Apache 2.0). This page describes our policy to ensure that all contributions to the Ocean Protocol code are also licensed under the appropriate open source license (and that the contributor has the right to license it as such). +All Ocean Protocol code (software) is licensed under open source licenses (usually Apache 2.0). This page describes the Ocean Protocol policy to ensure that all contributions to the Ocean Protocol code are also licensed under the appropriate open source license (and that the contributor has the right to license it as such). -There are three different cases: +If you are: -1. If you're an employee of BigchainDB GmbH or DEX Pte Ltd then the copyright in your code contribution belongs to your employer. BigchainDB and DEX, in turn, are contributing to Ocean Protocol under contract with the Ocean Protocol Foundation Ltd, and all the code they contribute to Ocean Protocol is licensed under appropriate open source licenses. There's nothing extra for you to do. -1. If you're contributing code to complete a [bounty](/concepts/bounties/), then you agreed to terms and conditions such that your contributed code can be licensed under appropriate open source licenses. There's nothing extra for you to do. -1. Otherwise, you must do the following: - - At the top of every file you've modified, add license comment lines similar to the following, unless lines like these are already present: +- contributing code to complete an [Ocean Protocol bounty](/concepts/bounties/) or +- an employee of BigchainDB GmbH or +- an employee of DEX Pte Ltd - ```text - # Copyright Ocean Protocol contributors - # SPDX-License-Identifier: Apache-2.0 - ``` +then there is nothing extra for you to do: licensing is already handled. - You can determine the license by looking in the file named `LICENSE` in the root of that file's repository. - The comment lines will begin with different symbols depending on the file type. For example, Python comment lines begin with a `#`. - - Read and understand the [Developer Certificate of Origin](https://developercertificate.org/). - - Include a Signed-off-by line at the end of all your Git commit messages, like: +Otherwise, you must do the following: - ```text - Signed-off-by: Joe T Pots - ``` +- At the top of every file you've modified, add license comment lines similar to the following, unless lines like these are already present: - You must include your real name and a real email address. Fake people can't hold or license copyrights. +```text +# Copyright Ocean Protocol contributors +# SPDX-License-Identifier: Apache-2.0 +``` + +You can determine the license by looking in the file named `LICENSE` in the root of that file's repository. +The comment lines will begin with different symbols depending on the file type. For example, Python comment lines begin with a `#`. +- Read and understand the [Developer Certificate of Origin](https://developercertificate.org/). +- Put a copy of the Developer Certificate of Origin (text file) in the root of the repository where you are contributing, if one isn't already there. +- Include a Signed-off-by line at the end of all your Git commit messages, like: + +```text +Signed-off-by: Joe T Pots +``` + +You must use your real name and email address. > Tip: You can include a Signed-off-by line automatically by using `git commit --signoff` or `git commit -s`. From 8932155b0632dcc32416d0f27ba50eff10e48bd5 Mon Sep 17 00:00:00 2001 From: Troy McConaghy Date: Mon, 24 Dec 2018 12:24:35 +0100 Subject: [PATCH 3/4] npm run format --- content/concepts/legal-reqs.md | 1 + 1 file changed, 1 insertion(+) diff --git a/content/concepts/legal-reqs.md b/content/concepts/legal-reqs.md index fec5edc3..ce5ecc75 100644 --- a/content/concepts/legal-reqs.md +++ b/content/concepts/legal-reqs.md @@ -26,6 +26,7 @@ Otherwise, you must do the following: You can determine the license by looking in the file named `LICENSE` in the root of that file's repository. The comment lines will begin with different symbols depending on the file type. For example, Python comment lines begin with a `#`. + - Read and understand the [Developer Certificate of Origin](https://developercertificate.org/). - Put a copy of the Developer Certificate of Origin (text file) in the root of the repository where you are contributing, if one isn't already there. - Include a Signed-off-by line at the end of all your Git commit messages, like: From 6e33e9749122feff8cde76b2e93613ba06241afb Mon Sep 17 00:00:00 2001 From: Troy McConaghy Date: Sat, 9 Mar 2019 15:16:40 +0100 Subject: [PATCH 4/4] Revise the legal reqs for external code contribs. --- content/concepts/contributing.md | 19 +++++++------- content/concepts/legal-reqs.md | 45 ++++++++++++++++---------------- 2 files changed, 32 insertions(+), 32 deletions(-) diff --git a/content/concepts/contributing.md b/content/concepts/contributing.md index ee616e45..c0db1c64 100644 --- a/content/concepts/contributing.md +++ b/content/concepts/contributing.md @@ -6,6 +6,15 @@ description: There are many ways you could contribute to Ocean Protocol. All contributions to Ocean Protocol are governed by our [Contributor Code of Conduct](/concepts/code-of-conduct/). Code development follows the [Ocean Engineering Principles](/concepts/principles/). +## Help Develop Core Ocean Software + +- Read and understand the [legal requirements when contributing code](/concepts/legal-reqs/). In particular, note that you must: + - add a copyright notice to the top of all files you modify or create (if one isn't there already). + - include a Signed-off-by line in all your Git commit messages. +- Look through the [dev-ocean repository on GitHub](https://github.com/oceanprotocol/dev-ocean). It summarizes Ocean Protocol software development practices and policies. +- Ask technical questions in the [Ocean Protocol chatroom on Gitter](https://gitter.im/oceanprotocol/Lobby). +- Find repository-specific development notes in each repository (usually in the root `README.md` file). + ## Report a Vulnerability See the page about [reporting vulnerabilities](/concepts/vulnerabilities/). @@ -46,13 +55,3 @@ See the page about [bounties](/concepts/bounties/). - [Read the announcement of the Ocean Protocol Ambassador Program](https://blog.oceanprotocol.com/envoys-of-the-new-data-economy-ocean-protocol-ambassadors-3816a0e63611) - [Apply to become an ambassador](https://oceanprotocol.com/#ambassadors) - -## Help Develop Core Ocean Software - -- Read and understand the [legal requirements when contributing code](/concepts/legal-reqs/). -- Look through the [dev-ocean repository on GitHub](https://github.com/oceanprotocol/dev-ocean). It summarizes Ocean Protocol software development practices and policies. - - - -- Ask technical questions in the [Ocean Protocol chatroom on Gitter](https://gitter.im/oceanprotocol/Lobby). -- Find repository-specific development notes in each repository (usually in the root `README.md` file). diff --git a/content/concepts/legal-reqs.md b/content/concepts/legal-reqs.md index ce5ecc75..fe4d146b 100644 --- a/content/concepts/legal-reqs.md +++ b/content/concepts/legal-reqs.md @@ -1,44 +1,45 @@ --- title: Legal Requirements when Contributing Code -description: If you want to contribute code to Ocean Protocol, then you must read and understand this page. +description: How to make sure your code contributions can be included in the Ocean Protocol codebase. --- ## Ocean Protocol Software Licensing -All Ocean Protocol code (software) is licensed under open source licenses (usually Apache 2.0). This page describes the Ocean Protocol policy to ensure that all contributions to the Ocean Protocol code are also licensed under the appropriate open source license (and that the contributor has the right to license it as such). +All Ocean Protocol code (software) is licensed under an [Apache 2.0 license](https://www.apache.org/licenses/LICENSE-2.0.html). This page describes the Ocean Protocol policy to ensure that all contributions to the Ocean Protocol code are also licensed under the Apache 2.0 license (and that the contributor has the right to license it as such). If you are: -- contributing code to complete an [Ocean Protocol bounty](/concepts/bounties/) or -- an employee of BigchainDB GmbH or -- an employee of DEX Pte Ltd +- contributing code to complete a _currently-open_ [Ocean Protocol bounty](/concepts/bounties/) or +- a _current_ employee of BigchainDB GmbH or +- a _current_ employee of DEX Pte Ltd then there is nothing extra for you to do: licensing is already handled. -Otherwise, you must do the following: +Otherwise you are an "external contributor" and you must do the following: -- At the top of every file you've modified, add license comment lines similar to the following, unless lines like these are already present: +1. Make sure that every file you modified or created contains a copyright notice comment like the following (at the top of the file): -```text -# Copyright Ocean Protocol contributors -# SPDX-License-Identifier: Apache-2.0 -``` + ```text + # Copyright Ocean Protocol contributors + # SPDX-License-Identifier: Apache-2.0 + ``` -You can determine the license by looking in the file named `LICENSE` in the root of that file's repository. -The comment lines will begin with different symbols depending on the file type. For example, Python comment lines begin with a `#`. + If a copyright notice is not present, then add one. Make sure you're using the correct syntax for comments (which varies from language to language). The example shown above is for a Python file. +1. Read the [Developer Certificate of Origin, Version 1.1](https://developercertificate.org/). +1. You will be asked to include a Signed-off-by line in all your commit messages. (Instructions are given in the next step.) Make sure you understand that including a Signed-off-by line in your commits certifies that you can make the statements in the Developer Certificate of Origin. If you have questions about this, then please [ask on Gitter](https://gitter.im/oceanprotocol/Lobby) or elsewhere. Do not continue until you fully understand. +1. Make sure that all your commit messages include a Signed-off-by line of the form: -- Read and understand the [Developer Certificate of Origin](https://developercertificate.org/). -- Put a copy of the Developer Certificate of Origin (text file) in the root of the repository where you are contributing, if one isn't already there. -- Include a Signed-off-by line at the end of all your Git commit messages, like: + ```text + Signed-off-by: Random J Developer + ``` -```text -Signed-off-by: Joe T Pots -``` + with your real name and your real email address. Sorry, no pseudonyms or anonymous contributions. Tip: You can tell Git to include a Signed-off-by line in a commit message by using `git commit --signoff` or `git commit -s`. -You must use your real name and email address. +## Credits -> Tip: You can include a Signed-off-by line automatically by using `git commit --signoff` or `git commit -s`. +The Developer Certificate of Origin was developed by the Linux community and has since been adopted by other projects, including many under the Linux Foundation umbrella (e.g. Hyperledger Fabric). +The process described above (with the Signed-off-by line in Git commits) is also based on [the process used by the Linux community](https://github.com/torvalds/linux/blob/master/Documentation/process/submitting-patches.rst#11-sign-your-work---the-developers-certificate-of-origin). ## The Future -In the future, the Ocean Protocol Foundation will dissolve and the policy will probably change to work more like the Linux Kernel, where _every_ contributor must include a Signed-off-by line in all Git commits. If you're curious, see the Linux Kernel document "[Submitting patches: the essential guide to getting your code into the kernel](https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/Documentation/process/submitting-patches.rst)" especially the section titled "Sign your work - the Developer's Certificate of Origin." +In the future, the Ocean Protocol Foundation will dissolve and the policy will probably change to work more like the Linux Kernel, where _every_ contributor must include a Signed-off-by line in all Git commits.