Comment by yjftsjthsd-h
8 days ago
And again - what IP risk does a CLA solve, that a DCO wouldn't? Like, IANAL so I certainly could be missing something, but I'd like to hear what it might be.
8 days ago
And again - what IP risk does a CLA solve, that a DCO wouldn't? Like, IANAL so I certainly could be missing something, but I'd like to hear what it might be.
I’m also maintaining an open-source project and have spent significant time drafting our CLA, so I completely understand the concerns surrounding them.
While DCO is excellent for tracking provenance, we opted for a CLA primarily to address explicit patent grants and sublicensing rights—areas where a standard DCO often lacks the comprehensive legal coverage that a formal agreement provides.
It’s a common and sustainable practice in the industry to keep the core code open-source while developing enterprise features. Without a solid CLA in place, a project faces massive legal hurdles later on—whether that’s for future commercialization or even the eventual donation of the project to an open-source foundation like the CNCF or Apache Foundation. We're just trying to ensure long-term legal clarity for everyone involved.