[PATCH] Developer policy amendment re. non-disclosure

Alp Toker alp at nuanti.com
Fri Oct 18 04:07:59 PDT 2013 

On 18/10/2013 10:11, David Tweed wrote:
> Hi,
>
> a personal comment: while I can understand the sentiment, I think the
> wording might be a bit ambiguous. I'm tempted to read "... may result in your
> contribution being excluded" as "If you send a patch in a mail with an
> objectionable footer, that patch may end up being excluded from being
> committed to LLVM forever". I'm sure the meaning is supposed to be more

Hello David,

Below are my personal thoughts in response to yours:

It's sensible to reserve the option to exclude contributions where the
material submitted may be confidential, IP-encumbered or otherwise
non-public. This option has always been there and is nothing new.

> like " If you send a patch in a mail with an
> objectionable footer, that patch may be deemed ineligible for committing
> until this is resolved". In language for documentation that (rare though
> it is!) a possible contributor might read and take-as-gospel, it
> seems unwise to have language which could be misinterpreted as being more
> strict than the project intends to be.

The present wording is intentional and sends a clear message that
notices waste people's time and resources. So it's not an ambiguity.

That said, this has always been handled with discretion and I doubt a
few sentences will suddenly change the project ethos or get people
turned away at the door.

>
> (Incidentally, I'm sometimes guilty of posting stuff with default company
> footers just because some ways of using my email account don't offer the
> facility to turn it off, and I tend to think that sending meaningful messages
> with annoying footers in a timely manners outweighs a footerless message that
> is delayed several days until I've access to the right mail client.)

Consider this:

Every time you break the build or fail to fix regressions, it has a
wider impact on productivity. Beyond the dozens of committers working
directly on TOT, there are hundreds community developers trying and
failing to build that same broken revision from anonymous SVN checkouts.

I broke the clang bootstrap / stage2 build early this afternoon, watched
the waterfall turn red on my mobile and decided to skip lunch to revert
my own work to minimise the impact others, so I should know :-)

My point is that contributing to the LLVM project with a confidentiality
footer is no different to breaking the build, then going AWOL for the
weekend. It's not gospel, but it is inconsiderate -- especially in the
LLVM community where almost every organisation is a licensee of the
other, complete with actual obligations of non-disclosure.

For example, at my work we've ended up with confidential ARM, Apple,
Google and other sources and SDKs at some point. We use scripts and
email filters to make sure we don't inadvertently publish materials
marked 'confidential' as part of our SDK.

This means that each time you send a mail with your confidentiality
footer, it triggers a red mark in my inbox and I have to waste time
unflagging instead of doing something productive like fixing LLVM bugs
and working on new features. This is the reality for many community
projects and software shops that doesn't have teams of lawyers in a back
office auditing every open source patch.

Because of this, it'd be nice for you to take the time to check your
email footer, doing your best to make sure your patch is distributable,
so we don't have to do it for you.

My personal view is that this isn't about right and wrong, or some
gospel as you mentioned, or even about legality. It's simply about being
considerate to others on the project -- and the wording is finely
crafted to get that across.

Cheers,
Alp.



>
> Cheers,
> Dave
>
> -----Original Message-----
> From: llvm-commits-bounces at cs.uiuc.edu [mailto:llvm-commits-bounces at cs.uiuc.edu] On Behalf Of Daniel Berlin
> Sent: 18 October 2013 08:25
> To: Alp Toker
> Cc: llvm-commits
> Subject: Re: [PATCH] Developer policy amendment re. non-disclosure
>
> On Thu, Oct 17, 2013 at 11:02 AM, Alp Toker <alp at nuanti.com> wrote:
>> I've incorporated Daniel's suggested changes with line spacing and a
>> typo fixed, plus the internal link in the original patch restored.
>>
>> Am not particularly keen on the "to the patches themselves"
>> qualification but I understand Nadav feels strongly about this so have
>> kept it in the final patch as a compromise.
>>
> Ignoring any optional "policy-based requirements" (that in practice,
> nobody contributing to LLVM can possibly control), the reality is
> there are sometimes fairly immutable requirements around certain
> disclaimers/etc depending on job function and country.  They should
> never appear on patches, however.
>
> Honestly, if it was reasonable to blanket ban disclaimers on the
> mailing list, i'd be first in line (on principle alone).  But it's
> really not clear what it will achieve past making it more difficult
> for some people to contribute.   If the concern is the possible effect
> they have, the wording i proposed should take care of that[1].  If the
> concern is just that they are annoying, I don't think they reach that
> level yet.  Maybe someday they will (try joining a mailing list with
> lawyers sometime), and we should deal with it then.  If there is some
> other concern here i'm missing, I'd certainly like to hear what it is
> :)
>
>
>> Will appreciate one further review of the final patch from a third party
>> and explicit OK-to-commit before landing this.
> LGTM.
>
>> Alp.
>>
> [1] Caselaw in the US is a little mixed, but basically "unenforceable"
> in general, maybe helpful when it comes to preserving attorney-client
> privilege. They also have interesting side effects.  As one lawyer
> wrote, "it's very hard to argue to a judge you have an appropriate
> system for marking only privileged communications in place when you
> are marking your late night pizza orders with 500 word privilege
> notices".
>
>
>> On 17/10/2013 18:31, Nadav Rotem wrote:
>>> LGTM.  Thank you :)
>>>
>>> On Oct 17, 2013, at 10:30 AM, Daniel Berlin <dberlin at dberlin.org> wrote:
>>>
>>>> Here is an updated patch, which also takes into account an issue Nadav
>>>> kindly pointed out offline.
>>>>
>>>> On Thu, Oct 17, 2013 at 10:11 AM, Daniel Berlin <dberlin at dberlin.org> wrote:
>>>>> How about this wording for patches:
>>>>>
>>>>> When submitting patches, please do not add confidentiality or
>>>>> non-disclosure notices.  These notices conflict
>>>>> with the LLVM license, and may result in your contribution being excluded.
>>>>>
>>>>>
>>>>> and this for mailing lists:
>>>>>
>>>>> Please be aware that all public LLVM mailing lists are public and
>>>>> archived, and that notices of confidentially or non-disclosure cannot
>>>>> be respected.
>>>>>
>>>>>
>>>>>
>>>>> On Thu, Oct 17, 2013 at 10:06 AM, Nadav Rotem <nrotem at apple.com> wrote:
>>>>>> Alp,
>>>>>>
>>>>>> I am against it. Your email does not match the clause that you want to add to the LLVM docs.  In your email you mentioned patches (which is fine), but in your patch you mentioned email clients, etc.
>>>>>>
>>>>>> Thanks,
>>>>>> Nadav
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Oct 17, 2013, at 9:57 AM, Alp Toker <alp at nuanti.com> wrote:
>>>>>>
>>>>>>> This patch amends the developer policy to discourage corporate
>>>>>>> non-disclosure or confidentiality signatures on patches intended for
>>>>>>> review, which would be at odds with the LLVM license.
>>>>>>>
>>>>>>> OK to commit?
>>>>>>>
>>>>>>> --
>>>>>>> http://www.nuanti.com
>>>>>>> the browser experts
>>>>>>>
>>>>>>> <llvm-signature-policy.patch>_______________________________________________
>>>>>>> llvm-commits mailing list
>>>>>>> llvm-commits at cs.uiuc.edu
>>>>>>> http://lists.cs.uiuc.edu/mailman/listinfo/llvm-commits
>>>>>> _______________________________________________
>>>>>> llvm-commits mailing list
>>>>>> llvm-commits at cs.uiuc.edu
>>>>>> http://lists.cs.uiuc.edu/mailman/listinfo/llvm-commits
>>>> <llvm-signature-policy.patch>
>> --
>> http://www.nuanti.com
>> the browser experts
>>
> _______________________________________________
> llvm-commits mailing list
> llvm-commits at cs.uiuc.edu
> http://lists.cs.uiuc.edu/mailman/listinfo/llvm-commits
>
>
> -- IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium.  Thank you.
>
> ARM Limited, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No:  2557590
> ARM Holdings plc, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No:  2548782
>

-- 
http://www.nuanti.com
the browser experts

More information about the llvm-commits mailing list