Committers Agreement

From MozillaWiki
Jump to: navigation, search

Mozilla Foundation Committers' Agreement

Draft-template-image.png THIS PAGE IS A WORKING DRAFT Pencil-emoji U270F-gray.png
The page may be difficult to navigate, and some information on its subject might be incomplete and/or evolving rapidly.
If you have any questions or ideas, please add them as a new topic on the discussion page.

THIS IS A DRAFT VERSION OF THE AGREEMENT AND SHOULD NOT BE USED. There is a list of changes. For more information see bug 342029.

In order to become a Committer - that is, to obtain the ability to contribute information ("Code") to a Mozilla Foundation source code or data repository - you ("You") must indicate your agreement to the terms below by completing and signing this agreement and returning it to a Mozilla Foundation representative at the address specified at http://www.mozilla.org/hacking/notification/ (the "Notification Address").

1. Contact Information

Name:

Email:

Phone Number:

Postal Address:

2. Treatment of Account

You will receive one or more sets of Mozilla project access credentials. You will not allow anyone else to use these credentials to access any Mozilla project system. Should You become aware of any such use, You will immediately notify the Mozilla Foundation in the manner specified at http://www.mozilla.org/hacking/notification/; until such notice is received You will be presumed to have taken all actions made using Your credentials. The Mozilla Foundation and their designates will have complete control and discretion over capabilities associated with Your credentials and may change them for any reason at any time. Your name and email address, or a derivative of it, may be visible worldwide via the Internet.

3. License Terms

Code committed to a Mozilla Foundation repository must be governed by the mozilla.org tri-license, consisting of the Mozilla Public License ("MPL"), the GNU General Public License ("GPL") and the GNU Lesser General Public License ("LGPL"), or another license or set of licenses acceptable to the Mozilla Foundation for the Code in question. Other licenses are not acceptable to the Mozilla Foundation until the Foundation declares them to be acceptable in writing at http://www.mozilla.org/MPL/license-policy.html. You will verify that committed Code contains appropriate boilerplate licensing text.

4. Committing Code Created by Others

You may check in Code to a Mozilla Foundation repository that was not written by You, provided that:

a) The checkin comment contains information (or references to information) sufficient to identify the author of the Code, including at minimum an email address; and
b) You make all reasonable and appropriate efforts to ensure that such Code conforms to the terms of this agreement.

5. Cryptography

You understand that cryptographic Code may be subject to government regulations with which the Mozilla Foundation and/or entities using such Code must comply. Any Code which contains any of the items listed below must either be checked-in to a module explicitly identified as containing cryptography, or must not be checked in until the Mozilla Foundation has been notified and has approved such contribution in writing.

a) Cryptographic capabilities or features; or
b) Calls to cryptographic features; or
c) User interface elements which provide context relating to cryptography; or
d) Code which may, under casual inspection, appear to be cryptographic.

6. Notices and Knowledge

By contributing Code, You confirm that, to the best of Your knowledge:

a) For any Code contributed under MPL terms, any notices required by Sections 3.3, 3.4 or Section 4 of the MPL have been appropriately placed; and
b) Code does not violate the rights of any person or entity.

If You contribute Code on behalf of Your employer, then You must confirm that an appropriate representative of that employer has authorized the inclusion of such Code in a Mozilla Foundation repository under the terms of this agreement.

Signed:

Date:

Printed Name:


END


Open Issues

  • Do we need to better define "a module explicitly identified as containing cryptography"? What does this requirement mean in practice?