Development Resources/Contribution Questionnaire
Use the Project Management Infrastructure to create a Contribution Questionnaire.
Many contributions to a project must be checked by the Eclipse Intellectual Property (IP) Team prior to their inclusion by an Eclipse Project or distribution from an eclipse.org property. Contribution questionnaires (CQ) are the main interface between the Eclipse community and the Eclipse IP Team.
Contributions that require the completion of a CQ are identified by the Eclipse IP Due Diligence Process. Committers should be familiar with this document.
The term "contribution questionnaire" has become synonymous with the notion of a record that tracks the ongoing inclusion of IP in a project. That is, the "questionnaire" part is only the initial aspect, and individual CQs persist indefinitely.
If you are not sure whether or not you need a CQ, ask your project leadership (Project Lead, or PMC members), project mentors, or the EMO for guidance.
Eclipse committers should be familiar with the following documents:
- Committer Due Diligence Guidelines
- Eclipse IP Due Diligence Process
- Eclipse Policy and Procedures for Third-Party Dependencies
All new projects are required to make an initial contribution before any code can be committed into an eclipse.org version control system (VCS). The Eclipse IP Team will review your initial contribution and tell you (via comments on the CQ) when you can commit the contribution into your project's VCS.
Note that the Eclipse IP Team cannot validate the history initial contribution; the initial contribution must be provided in the form of a snapshot of the project code and must be committed as it is reviewed (i.e. old history must, unfortunately, be left behind).
Please see Creating A Contribution Questionnaire.
Significant contributions of code to be maintained at eclipse.org, as defined by the Eclipse IP Due Diligence Process require a CQ.
All contributors must have a signed CLA.
Third Party Libraries
Projects require a CQ for every third-party library that project code makes direct use of. If your code makes indirect use of a third party library through another Eclipse project's code, you do not require a CQ for that library.
You need a CQ if:
- the manifest for one of the project bundles makes a direct reference to a third-party library (either the library bundle or a package from the library);
- any Java class in the project's code includes an import statement for a package from a third-party library;
- project code uses Java reflection (e.g.
Class.forName("...")) or other means to reference a library's class;
- project code uses OSGi Services to make a reference to a specific implementation of a service; or
- project code invokes a "command line" tool.
Note that this list is not intended to be exhaustive. Also note that CQs for third-party libraries are version-specific. That is, a separate CQ is required for different versions of the same library.
These requirements apply equally to all kinds of distributions including milestones and releases.
Nested projects that are distributed as part of a parent project's aggregated distribution can leave their CQs on the parent project. If a nested project chooses to provide an independent distribution (either completely separately, or in addition to the aggregation), the CQs corresponding to that project will need to be realigned. Note that the IP logs for an aggregated distribution can be combined (this is supported by tools).
There are some special cases in the form of "except prerequisite" and "works with" CQs. For more information, please see the Eclipse Policy and Procedures for Third-Party Dependencies.
Many third party libraries have already been approved for use in Eclipse projects. Many of those are immediately available via the Orbit Project. While these libraries have already been cleared for use by all Eclipse projects, their use must be tracked. Usage is tracked so that--in the event that a issue is uncovered following the due diligence process--we can mitigate the impact of that issue.
In this case, a "piggyback" CQ can be created on top of an existing CQ. Piggyback CQs are generally approved very quickly as the due diligence work has already been completed.
The workflow for creating a CQ for a third-party library starts with a search of existing CQs. If an existing CQ can be found that is concerned with the same library and version, then a piggyback CQ is created. Piggyback CQs must be approved by the project's Project Management Committee (PMC) before they are processed by the EMO IP Team.
If an existing CQ cannot be found, a new one must be created. Once created, the source code for the third-party library must be attached to the record. The PMC must then approve the record. If the project is eligible to leverage the Parallel IP Process, the EMO IP Team performs a cursory review of the record and--if the CQ meets with the requirements--tentatively approves the use of the library while the full review is undertaken in parallel.
The IP team may require your assistance as it performs a deep analysis of the library. Once that analysis is complete and the IP team has made a decision, they will outline the next steps. These next steps may--in the event that the library is rejected--that the library be removed from the project VCS, or that some part be removed. Most often, the library is approved and the CQ is marked as such.
Be advised that this process may take a while. The actual amount of time that it takes to process a CQ depends on numerous factors including the size of the queue, and the nature and size of the contribution.