I won’t address the background point regarding software patents here. I’ll only to say that reasonable people can disagree on this, particularly when it comes to proposed solutions. What I would like to focus some attention on is the background that this patent filing is made against.

IBM has executed a CCLA with the Dojo Foundation. This agreement gives Dojo (and the rest of the OSS community) a license to whatever patent rights may be embodied in contributions of code. While IBM may file patents on things they build and contribute to Dojo, there’s no risk to any users regarding use of that code or “submarine” issues of patent infringement. As a result of the Dojo Foundation’s insistence that ALL code come with CLAs, Dojo is more trustable in terms of IP than most of the JavaScript you can choose to use. A similar patent claim in a less rigorously developed toolkit would indeed be apocalyptic, but the Dojo community has adopted a mature process for dealing with IP that both makes the concerns plain and then works to eliminate them, step-by-step. That’s what licensing agreements are, after all: links in the chain that together help you trust that your anchor is indeed set.

It’s clear to me that IBM filed this patent fully aware that they were giving away all follow-on rights to enforce it in anything but a defensive way for the benefit of the Foundation and users of Dojo. After watching IBM counsel decimate SCO in court, does anyone in the OSS world really think that IBM’s lawyers are fools? And if so, to what end?

It’s sad that Slashdot hasn’t, for a decade of coverage of IP issues, learned that licensing is harder than the zealots would have you believe and that malice isn’t always the intent of those who participate in communities with a commercial interest.

The good news here, of course, is that IBM is just as generous today toward the OSS and Dojo communities as they were yesterday. We have the legal documents to prove it.

Alas, no, we’ve been doing it all wrong. Excuse me while I go rinse the taste of situational ethics and lost plots out of my mouth.

At Webtide, we sell developer advice, custom development and production support for jetty and dojo cometd. We don’t expect our clients to buy our services because of some sort of guilt trip from the value they obtain from those projects. We expect our clients to pay for the value add that we give. The software is free under the terms of the apache 2.0 license and we expect no charity or moral obligation in return.

This pretty much sum’s up why most venture-backed Open Source efforts either fail so miserably at building real community or just fail miserably in general. Open Source – to my mind – isn’t some talisman you wave over software to instantly take market share from entrenched players or to instantiate your very own +5 Army of Contributors (with the zealotry bonus) for personal gain. Instead, it’s a great way to distribute software that should already be a commodity at near the cost of reproduction (roughly bupkis) and prevent network effects from ingraining outsized profits to firms whose marginal utility is suspect. If something is still worth paying for, it’s natural to expect that it won’t fare well in the world of free software. Too few people are liable to understand its value to create the virtuous cycle of contribution and use that makes the whole thing work. The great news here is that commercial software isn’t dead at all. It just has to actually be better.

Open Source (and to similar and complementary extent, open standards) helps drive Pareto-efficient allocation of capital in the software business. That may not be a high calling, but it’s a lot easier to justify than living off of monopoly rents for a living, and I take great comfort in knowing that what we do at SitePen adds amazing value (else we wouldn’t make a living at it). As with Greg and WebTide, people pay us for what’s actually scarce: clue, skill, and hard work.

• Those contributing to Dojo Foundation projects actually own what they contribute and therefore have the right to license it to someone else
• All of the rights needed to preserve the freedom of the code over the long haul have been contributed

Aside from some legal jargon, that’s all that’s in the agreement. So why have it? Why create the barrier to entry for newcomers who just want to pitch in? I have great sympathy for the impatient potential contributor huffing “why do I need to sign this, anyway?”, so this blog post is an effort to boil it down. The reasons start with meritocracy.

Open Source projects often pride themselves on creating a more level playing field; when it works right those whose contributions are good are recognized while those whose contributions are bad are left with bit-rotting patches and hopefully some friendly direction on how to improve. In this way, it’s the essential function of OSS projects to separate good contributions from bad. Oddly, the CLA process is a simple quality filtering function for weeding out the unserious, or simply another way to weed out potentially good contributions from bad.

CLAs are an annoyance to be sure, but consider what they attest to. I’ve heard the argument from time to time that “CLA’s violate the spirit of Open Source” by limiting who can contribute, but that is indeed the point! Mature projects like Dojo don’t accept patches without documentation, unit tests, and good code style…why should clean IP be any different? Indeed, CLAs allow us to be open yet rigorous at the same time. The CLAs process stands in stark contrast to many “open source”-in-name-only products which are produced by single companies or individuals but which don’t provide any way to materially contribute back or become part of the project directly. The CLA process is both a sign that the project is open enough to allow you to “get your itches scratched” if you really want to contribute but also mature enough to manage the risks that come along with allowing everyone to potentially participate.

More to the point, do you really want to be taking code from a group of people who won’t put in writing what everyone assumes about their contributions? And how seriously should you take an organization that hasn’t thought hard enough about their own product to ensure that they actually have all the rights to the work they distribute? Remember, there’s no requirement that anything be Open Source or that OSS products be developed as open projects, but the CLA process is in many ways a seal of quality: projects which require it are built to last (at least on an IP basis) and are also open enough to ensure that their community can grow.

One of the best aspects of the CLA process is that it gets people who are contributing to think about what it means to contribute. The CLA process means that they’ve printed out, signed, and hopefully read and understood that they are doing something serious and that they are joining a community of people who likewise take their work seriously. I really only want to work with people who are committed enough to making Dojo better that they’ll take the time to think about how their work is licensed. Far from being just a task you need to do before you can contribute, the CLA process ensures that the people building Dojo are intellectually tall enough to ride.

Tall enough? Join us!