Document that contributors are required to assert compliance with the
Developers Certification of Origin 1.1, by providing Signed-off-by tags
for all commit messages. The DCO is formally stating what we have long
implicitly expected of contributors in terms of their legal rights to
make the contribution. This puts the project in a stronger position
should any questions around contributions be raised going forward in the
future.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
---
docs/hacking.html.in | 12 +++++++++---
1 file changed, 9 insertions(+), 3 deletions(-)
diff --git a/docs/hacking.html.in b/docs/hacking.html.in
index 6cadfb8343..98a24d785c 100644
--- a/docs/hacking.html.in
+++ b/docs/hacking.html.in
@@ -108,12 +108,18 @@
of the bug number is useful; but also summarize the issue
rather than making all readers follow the link. You can use
'git shortlog -30' to get an idea of typical summary lines.
- Libvirt does not currently attach any meaning to
- Signed-off-by: lines, so it is up to you if you want to
- include or omit them in the commit message.
</p>
</li>
+ <li><p>Contributors to libvirt projects <strong>must</strong>
+ assert that they are in compliance with the
+ <a href="https://developercertificate.org/">Developers
+ Certificate of Origin 1.1</a>. This is achieved by adding
+ a "Signed-off-by" line to every commit message. The presence
+ of this line attests that the contributor has read the
+ above lined DCO and agrees with its statements.
+ </p></li>
+
<li><p>Split large changes into a series of smaller patches,
self-contained if possible, with an explanation of each patch
and an explanation of how the sequence of patches fits
--
2.14.3
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
On Mon, Jan 22, 2018 at 12:40:37PM +0000, Daniel P. Berrange wrote:
> Document that contributors are required to assert compliance with the
> Developers Certification of Origin 1.1, by providing Signed-off-by tags
> for all commit messages. The DCO is formally stating what we have long
> implicitly expected of contributors in terms of their legal rights to
> make the contribution. This puts the project in a stronger position
> should any questions around contributions be raised going forward in the
> future.
>
> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
> ---
> docs/hacking.html.in | 12 +++++++++---
> 1 file changed, 9 insertions(+), 3 deletions(-)
>
With the nits Andrea pointed out fixed, FWIW:
Reviewed-by: Kashyap Chamarthy <kchamart@redhat.com>
[...]
--
/kashyap
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
On Mon, 2018-01-22 at 12:40 +0000, Daniel P. Berrange wrote: > Document that contributors are required to assert compliance with the > Developers Certification of Origin 1.1, by providing Signed-off-by tags Both here... > for all commit messages. The DCO is formally stating what we have long > implicitly expected of contributors in terms of their legal rights to > make the contribution. This puts the project in a stronger position > should any questions around contributions be raised going forward in the > future. > > Signed-off-by: Daniel P. Berrange <berrange@redhat.com> > --- > docs/hacking.html.in | 12 +++++++++--- > 1 file changed, 9 insertions(+), 3 deletions(-) > > diff --git a/docs/hacking.html.in b/docs/hacking.html.in > index 6cadfb8343..98a24d785c 100644 > --- a/docs/hacking.html.in > +++ b/docs/hacking.html.in > @@ -108,12 +108,18 @@ > of the bug number is useful; but also summarize the issue > rather than making all readers follow the link. You can use > 'git shortlog -30' to get an idea of typical summary lines. > - Libvirt does not currently attach any meaning to > - Signed-off-by: lines, so it is up to you if you want to > - include or omit them in the commit message. > </p> > </li> > > + <li><p>Contributors to libvirt projects <strong>must</strong> > + assert that they are in compliance with the > + <a href="https://developercertificate.org/">Developers > + Certificate of Origin 1.1</a>. This is achieved by adding ... and here, use either "Developer Certificate of Origin" or "Developer's Certificate of Origin" - the DCO website irritatingly uses both wordings :( > + a "Signed-off-by" line to every commit message. The presence > + of this line attests that the contributor has read the > + above lined DCO and agrees with its statements. > + </p></li> The indentation is off in the above paragraph. Other than that it looks good, so Reviewed-by: Andrea Bolognani <abologna@redhat.com> but I'm wondering if we need some sort of vote or agreement at the community level before this can be formalized and enforced. -- Andrea Bolognani / Red Hat / Virtualization -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
On Mon, Jan 22, 2018 at 02:28:14PM +0100, Andrea Bolognani wrote: >On Mon, 2018-01-22 at 12:40 +0000, Daniel P. Berrange wrote: >> Document that contributors are required to assert compliance with the >> Developers Certification of Origin 1.1, by providing Signed-off-by tags > >Both here... > >> for all commit messages. The DCO is formally stating what we have long >> implicitly expected of contributors in terms of their legal rights to >> make the contribution. This puts the project in a stronger position >> should any questions around contributions be raised going forward in the >> future. >> >> Signed-off-by: Daniel P. Berrange <berrange@redhat.com> >> --- >> docs/hacking.html.in | 12 +++++++++--- >> 1 file changed, 9 insertions(+), 3 deletions(-) >> >> diff --git a/docs/hacking.html.in b/docs/hacking.html.in >> index 6cadfb8343..98a24d785c 100644 >> --- a/docs/hacking.html.in >> +++ b/docs/hacking.html.in >> @@ -108,12 +108,18 @@ >> of the bug number is useful; but also summarize the issue >> rather than making all readers follow the link. You can use >> 'git shortlog -30' to get an idea of typical summary lines. >> - Libvirt does not currently attach any meaning to >> - Signed-off-by: lines, so it is up to you if you want to >> - include or omit them in the commit message. >> </p> >> </li> >> >> + <li><p>Contributors to libvirt projects <strong>must</strong> >> + assert that they are in compliance with the >> + <a href="https://developercertificate.org/">Developers >> + Certificate of Origin 1.1</a>. This is achieved by adding > >... and here, use either "Developer Certificate of Origin" or >"Developer's Certificate of Origin" - the DCO website irritatingly >uses both wordings :( > >> + a "Signed-off-by" line to every commit message. The presence "line containing the contributor's name and e-mail" maybe? I presume just 'Signed-off-by' is not enough for the "legal snake oil", even though it's all the git hook asks for. >> + of this line attests that the contributor has read the >> + above lined DCO and agrees with its statements. >> + </p></li> > >The indentation is off in the above paragraph. > >Other than that it looks good, so > > Reviewed-by: Andrea Bolognani <abologna@redhat.com> > >but I'm wondering if we need some sort of vote or agreement at the >community level before this can be formalized and enforced. There will never be agreement. But from the git hook thread: In favor: Dan, John, Michal(?) Indifferent: Erik Against: Me, Peter Which already is some kind of vote, so I'll give this one: "Meh, ACK, please don't try to make another tag mandatory in the future" Jan -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
On Wed, Jan 24, 2018 at 02:59:17PM +0100, Ján Tomko wrote: > > > + a "Signed-off-by" line to every commit message. The presence > > "line containing the contributor's name and e-mail" maybe? > I presume just 'Signed-off-by' is not enough for the "legal snake oil", > even though it's all the git hook asks for. Yes, good point - it ought to be the name of the person who contributed the patch, which is usually, but not always also the author. > > > + of this line attests that the contributor has read the > > > + above lined DCO and agrees with its statements. > > > + </p></li> > > > > The indentation is off in the above paragraph. > > > > Other than that it looks good, so > > > > Reviewed-by: Andrea Bolognani <abologna@redhat.com> > > > > but I'm wondering if we need some sort of vote or agreement at the > > community level before this can be formalized and enforced. > > There will never be agreement. > > But from the git hook thread: > In favor: Dan, John, Michal(?) > Indifferent: Erik > Against: Me, Peter > > Which already is some kind of vote, so I'll give this one: > "Meh, ACK, please don't try to make another tag mandatory in the > future" Thankyou, none the less I don't want to just push it through while an explicit NACK from stands, depsite a number of others in favour. Simple majority voting is too crude and leads to unhappiness if someone does feel so strongly about a proposal that they want to veto it. So I will wait to see if, given the range of opinions, Peter would be ok with the proposal being applied, despite his previous nack. I had considered whether we should require a Reviewed-by tags to show that someone other than the author has reviewed a patch before it is pushed. It is not practical to check this automatically though, given that we like the flexibility to be able to push build-breaker fixes or trivial fixes, etc as-is. So I won't propose making anything else mandatory - at very most I'd encourage, but *not* require, other tags. Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :| -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
On Wed, Jan 24, 2018 at 14:34:49 +0000, Daniel P. Berrange wrote: ... > I had considered whether we should require a Reviewed-by tags to show > that someone other than the author has reviewed a patch before it is > pushed. It is not practical to check this automatically though, given > that we like the flexibility to be able to push build-breaker fixes > or trivial fixes, etc as-is. So I won't propose making anything else > mandatory - at very most I'd encourage, but *not* require, other tags. Since Signed-off-by is going to be required, automatic check would be doable. After all at some point in the past you mentioned either Signed-off-by from someone with commit access or Reviewed-by could be required. However anyone pushing a patch is either the contributor or is apparently confident of the patch to the extent they could provide Reviewed-by so the condition is implicitly met by the fact the patch was pushed. In other words, having Reviewed-by in the commit message is nice for generating statistics for KVM Forum keynotes, once the patch gets out of our git repository (i.e., is backported to a downstream), or when someone wants to see who the hell could have acked this. But it's not something one couldn't live without. That said, I don't mind if either of these tags are mandatory as both are somewhat useful. Jirka -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
On Wed, Jan 24, 2018 at 04:14:54PM +0100, Jiri Denemark wrote: > pushed. In other words, having Reviewed-by in the commit message is nice > for generating statistics for KVM Forum keynotes, once the patch gets > out of our git repository (i.e., is backported to a downstream), or when BTW, when generating libvirt stats for KVM Forum 2018, whoever does it ought to process every git repo hosted on libvirt.org, rather than just libvirt.git, as we have non-negligible amount of work going on in the other repos, even if much if it doesn't use the mailing list for review all the time :-) Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :| -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
© 2016 - 2025 Red Hat, Inc.