[p2pu-dev] tech call notes 2012-04-25
Zuzel VP
zuzel at p2pu.org
Wed Apr 25 15:11:05 UTC 2012
*April 25*
- Zuzel's list of responsibilities:
http://pad.p2pu.org/p/detailed-responsibilities
- I cleaned it up more
- also defined more the sysadmin section
- When is the next release - can we have Dirk manage the next one?
- I am documenting the current release
- I will share the docs with Dirk and get feedback from him about what
is clear and what isn't
- I was thinking of involving Dirk in the release planned for May 4th
- We need to schedule the time for the release in advance (so both of us
are awake) and collaborate in the pre-release preparations
- Will all of the conversion tracking stuff be deployed with this
release?
- adwords, analytics, and chartbeat should be up
- refferer?
- have to figure out how to pass the info between the time the user hits
the site with http and the time (s)he logins with https
- @Dirk / Zuzel: Automated Releases?
- Will keep an eye on things that can be automated, would be nice to get
this to a single step deploy eventually
- Next steps:
- Schedule chat about release process with Zuzel
- Walk through setup process with Zuzel on the 3rd of May (before
community call -- will wake up early and ping you on skype)
- Do release on the 4th of May
- What's needed to resolve https issues?
- logged in users have to refresh page (cookies are secure) - logged in
users over http
- (ideal) research if it is possible to put a non-secure cookie
(accessible from https and http) that just says (this user is loged in)
- if we can do this then we can redirect users to https when we detect
the cookie
- (alternative simpler solution) redirect all our website trafic to https
- direct access to https://www.p2pu.org or other subdomains produces an
error
- can't redirect - certificate gets requested before redirect
- reconsider our selection of ssl certificate for the next year
- currently we have a
http://www.rapidssl.com/buy-ssl/ssl-certificate/index.html
- short term solution currently in place for when they start at
http://www.p2pu.org (https?) is to redirect them to http://p2pu.org
(https?) so when they click login they end up at https://p2pu.org
- Next steps:
- John to check DNS records to force redirect / add CNAME for
www.p2pu.org to resolve error at https://www.p2pu.org
- Remove wildcard *.p2pu.org record
- Add a CNAME for www.p2pu.org to point to p2pu.org
- John do some research -> Still need a resolution for secure cookies
(users get logged out when they switch to http)
- Contributor agreement - do we ask all contributors to assign ownership
to P2PU?
- Shared the last version we had through google docs, should we paste it
on a pad?
- Either put on a pad, or make a public google doc (non-editable)
-
https://docs.google.com/document/d/1HnKw34U-PV0_pxuU_JjCAISOhnkJ9CUtL4jK3iccxa0/edit
- MPL allows us to use code in proprietary situations. Do we want to
re-license?
- Contributing should be as simple as submitting coa pull request - no
red tape
- According to our lawyers we need the signed agreement for code
contributions
-
http://p2pu.lighthouseapp.com/projects/70576/tickets/22-contribution-agreement#ticket-22-10
- Contributions by paid staff and consultants are covered by their
respective contracts already.
- Two questions we had in the past:
- Does each contributor need a customized version or can we make one
generic version (e.g. signed by me with today's date) that contributors can
download and complete?
- Yes
- Is there a way to make the agreement "implicit" in joining the
project? Similar to the checkbox that states you agree "terms and
conditions" that most commerce sites use.
- No
- P2PU is based on batucada, ownership of batucada code remains with
Mozilla (maybe Paul Osman)
- Even if we wanted to enforce the license, we would need Mozilla to
assign ownership of the core code to P2PU as well
- http://www.ohloh.net/p/lernanta --
http://www.ohloh.net/p/lernanta/contributors --
http://www.ohloh.net/p/lernanta/analyses/latest -- we can leave our dev
stats to this site, the charts look cool
- Key reasons why contributor agreements are useful
- Relicensing - From MPL to LGPL (for example)
- We can't really do this, because MPL is infectious and batucada
"infected" lernanta... we're obligated to keep the MPL
- We can do this if we own the code - we'd have to get ownership from
Mozilla
- Why will we want to do this?
- Enforcing License
- John: I don't think there's any chance of people using lernanta (as it
stands) in a way that we would be unhappy with. We're using the MPL because
of Mozilla
- Right now it's not an issue. This would be setting us up for the
future.
- Strategic considerations
- We may not "care" about others using our code in ways that the license
doesn't permit
- We may not want to put resources into enforcing the law but think the
public opinion will againts other people using the code in ways the license
doesn't permit
- Weigh up the downside of making contributions harder (red tape) vs.
the ability of enforcing the license at some point in the future +1
- Are we even able to get ownership of the underlying batucada code?
- There is little legal risk that others will use the code in ways that
MPL does not allow (the MPL may discourage that use in the first place)
- More information http://www.harmonyagreements.org/index.html
- What about SaaS and AGPL, is the MPL like the AGPL?
- I don't know.
- https://github.com/p2pu/lernanta/blob/master/LICENSE.txt
- Next steps:
- Philipp to contact Brian how OBI handles this.
- Philipp to sum up and send to lawyers.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.p2pu.org/pipermail/p2pu-dev/attachments/20120425/52d0f8c5/attachment-0001.html>
More information about the p2pu-dev
mailing list