So I figured I'd add some additional thoughts. There are process problems, and if you want to understand why we consider this so important, take a look at this post[1] by Brett Porter from a few months back. IMO getting the process right is vital to our success as a project, but it isn't the only problem.
There's also an IP issue here. If you are developing in the ASF repo, we are relatively assured that you are complying with the CLA that you signed when you were invited as a committer. When massive amounts of code come flying in as a single commit, and especially when we are aware that the code has been released by another entity who likely claims copyright, all manner of warning lights come on. Was this copy-pasted into the Apache repos from elsewhere? Is it really yours to contribute? Has some grant been attached? A couple of examples to hopefully explain this better: The current vote going on for tests is a great example. From an IP perspective, that code was written for hire by a contractor (Clogeny) for Citrix, and Citrix owned the copyright. So currently the copyright for that section of code is owned by Citrix and there needs to occur clarification around license, whether it's being licensed or donated to, etc. In another example - CLOUDSTACK-306 (and I know Sheng has survived LKML, so he won't feel I am picking on him by using his code as an example). This code was developed elsewhere (presumably as a work for hire), and indeed published elsewhere first in another product, by a third party, who has rights to the IP. While the corporate entity in this particular case is friendly to the project, from a legal perspective the provenance of the code is known to us, and the licensing situation is very muddled. Apache projects have a reputation for good IP practices, and we, as a project need to make sure we are living up to those expectations, and that provenance and license is clear. If you have questions in this regard, please don't hesitate to ask. --David [1] http://markmail.org/message/ok4zwqtsroopqqsa
