drybjed
commented
3 years ago Since this is a licensing issue, let's talk first about what that copyright line "Copyright (C) year DebOps \https://debops.org/" signifies.
At the moment, there is no legal separate entity behind DebOps - no foundation, company or other organization that would be a steward of the project. I (Maciej Delmanowski) manage the project's DNS domain, GitHub and GitLab organization accounts, ReadtheDocs account, Docker Hub account and similar such axuliary tools. But I intentionally put the main project repositories under a debops GitHub organization to allow in the future to move their ownership to such an entity if/when it is created. This also means that the code copyright will also be assigned to the hypothetical "DebOps Foundation" or whichever organization arises to the task.
I'm not really sure if assigning the copyright to a non-existent organization in the present is valid. IANAL, but I think that we can assume that this potential organization could exist and when the need arises to represent DebOps legally, then upon creation of such an organization the copyright on the code will automatically be granted to it wherever such copyright is placed. Keep in mind that this also applies to a code derived from DebOps source code - if somebody copies it to their own project, the copyright goes with the SPDX identifier.
Does adding the DebOps copyright amount to signing a Contributor License Agreement? I'm not really sure - after checking a few projects with CLAs it seems that the current practice entails for the contributors to intentionally "sign" a CLA before contributing, so the list of signatures is in a specific place. We don't have that set up at the moment, so I would say that there's no CLA in DebOps. But the question of the assigned copyright line still remains. Maybe I need to consult a lawyer about this.
As for the problem at hand: @boucman is right, the code generated from the template does not automatically fall under the DebOps copyright, unless it is submitted to the project. I think that this would apply even when the template is part for the DebOps monorepo. I think that the case is similar to the various configuration files managed by DebOps roles - we specifically put the copyright lines inside of the {# #} Jinja comment blocks to signify that the copyright applies to the template itself, not the generated file. Scripts are a special case, since their execution code is usually run unmodified and we are constrained by the language linters so adding the copyright there directly was a "lesser of two evils" choice.
So I would remove the copyright line from the Copier template to avoid confusion. When the code generated by it is submitted to DebOps, we can ask the user to assign the DebOps copyright in their pull request.
From https://github.com/debops/debops/pull/1639#pullrequestreview-590988955
@drybjed This comes up repeatedly so I guess it is time to change it. It seems to scare people away and with the whole CLA things going one, that is not what we want. I guess we can drop it?
https://github.com/debops/debops/blob/2a7ee23996c2eb4f2abae4f4ea308c661ab65855/Dockerfile#L3-L5
I have not really researched this now. I just found that also the REUSE tool does something similar https://raw.githubusercontent.com/fsfe/reuse-tool/master/AUTHORS.rst
Ref: https://github.com/debops/debops/pull/1545