New Canonical CLA Process

We believe the best software is written in the open. It’s our guiding principle and one that has allowed us to create a thriving community of developers from all over the world committing millions of lines of code every year. This novel way of building software works because the open source community believes that together we can do far more than by ourselves. As a large and growing community, we are always searching for ways to lower the barrier to entry and empower our developers to do what they do best.

What is the Canonical CLA?

The Canonical Contributor License Agreement is a simple and readable document that ensures our developers are protected and the software we make is able to be shared around the world. All developers who wish to contribute to Ubuntu, and the various other projects we work on, are required to sign the agreement. You can read the entire Canonical Contributor License Agreement.

The current CLA process which has been in place for a number of years is largely manual which can slow down the initial contribution pipeline and leave eager developers frustrated. Along with individual developers, we also want to make it easier for organizations looking to continue to be able to sign and protect their developers who wish to contribute.

What changes are coming to the Canonical CLA process?

We’ve just rolled out a new CLA processing system that streamlines the agreement signing and checking process that we use throughout our CI/CD pipelines. The Canonical CLA itself is not changing.

For developers this will mean:

• Easier agreement signup using Github via Oauth authentication
• Easier agreement signup via Launchpad via Ubuntu SSO
• An improved agreement process for organization signing the CLA

How will I be affected?

We are rolling out the changes in a phased manner as to not cause disruption for our developer community and their work.

If you’re a current developer who has already signed the Canonical CLA: You will need to sign the CLA again using the new signing process found here, before the end of August 2025. Regular reminders will be sent to the email address you have listed on your initial signing prior the deadline.

If you’re a new developer who has yet to sign the Canonical CLA: You only need to sign up with the new signing process and start contributing.

Since this consistently refers to Canonical and not Ubuntu, does this apply to all software managed within the Ubuntu landscape (which, in turn, is ultimately managed by Canonical) or simply to projects directly managed by Canonical?

Usually just projects directly managed by Canonical. Typically found on Github.

Typically yes, though the CLA does actually apply to some projects on Launchpad, but we need to do some more work on how to make that process more automated in the future.

Thank you for the update. New contributor looking to join and contribute to the Canonical and Ubuntu community

This may have been true of the old CLA, I don’t know as I only now found something to contribute to.

Why does it require my phone number and address? I’ve signed other CLAs before; most haven’t required an address but I get that for legal purposes. But none have required a phone number; if anything I’ve had some require an email address for contact purposes.

Do we have any provided guarantee on data privacy here / just to double check, does Data privacy | Ubuntu apply here?

Hello @13steinj,
Both the old form and new form request that information for legal and contact purposes. To your second question, the data privacy policy applies to all personal information received by Canonical, including the CLA form.

Thanks for the confirmation! That’s what I truly care about at the end of the day.

theanx
@aaronprisk