Why you probably shouldn’t add a CLA to your open source project


The question then becomes, if the project’s open source license isn’t sufficient enough for maintainers to feel comfortable accepting code, why should end users be expected to feel comfortable enough to do so? Put another way, why should project maintainers be granted rights and protections beyond those granted to end users (and other contributors)? Most often, this is a sign that the license the project’s using isn’t sufficient for the project’s industry or the maintainer’s legal posture, and moving to a more patent-aware license like Apache, may resolve the need for a CLA entirely.

1 Like

I have maintained for years now that CLAs are incredibly dumb. It’s definitely a CYA type of agreement that no one wants to sign. A bunch of lawyers got together and said it’s a good idea.

It adds completely unnecessary friction for contributors who commonly just want their contribution to be accepted for selfish reasons. Sometimes adding friction is good because it improves quality of the project, but in this case, it does not improve the quality of the tickets submitted to the issue tracker or the source code submitted via a PR.

As with any engineering decision, if something is not needed, delete it.

1 Like