Governance for the GitHub generation

As more projects drop contributor license agreements, permissionless governance gains support. Here's what that means

1 2 Page 2
Page 2 of 2

OSI-approved license with patent clause: Another excuse for having a CLA is that contributors need to grant patent rights in addition to copyrights. Using an OSI-approved open source license with a clause describing the handling of patent rights obviates this need.

Distributed Version Control: The most common version control systems from the early years of open source ironically introduced a permission-barrier to participation in the community. Today's use of distributed version control systems like Git neatly avoids this problem. Everyone is free to make their own copy of the source and improve it any way they wish. They can then offer other developers their improvements by making a pull request.

This approach has two "permissionless" benefits. First, each developer can proceed on their own copy of the code yet still benefit from integrating their changes smoothly. Second, the version control system maintains a detailed history of who made which change and (since each pull request will be accompanied by a rationale for the request) why the change was made. Instant provenance tracking with added design history.

This combination appears to meet all community concerns:

  1. It maintains distributed ownership.
  2. It gains the best available statement of good faith from contributors without unnecessarily creating liability.
  3. It allows future license change within bounds acceptable to existing contributors.
  4. It ensures predatory patent practices are proscribed.
  5. It tracks the rationale for each commit, often with a detailed discussion.

In addition, it avoids creating any "permission points" where a bad actor could gain the leverage to abuse the project. Such permission points themselves negate the permissionless flexibility derived from software freedom through open source licensing.

This five-point approach is already in use by the Eclipse Foundation and others, and I believe we will see more and more projects following the example of Node.js and JBoss by going permissionless in the future.

This article, "Governance for the GitHub generation," was originally published at Read more of the Open Sources blog and follow the latest developments in open source at For the latest business technology news, follow on Twitter.

Copyright © 2014 IDG Communications, Inc.

1 2 Page 2
Page 2 of 2