Signed-off-by in Wayland and Weston projects

Jonas Ã…dahl jadahl at gmail.com
Wed Oct 7 19:49:18 PDT 2015


On Wed, Oct 07, 2015 at 11:05:34AM -0700, Bryce Harrington wrote:
> On Wed, Oct 07, 2015 at 11:21:38AM -0500, Derek Foreman wrote:
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> > 
> > On 07/10/15 02:27 AM, Pekka Paalanen wrote:
> > > On Tue, 06 Oct 2015 15:30:17 -0500 Derek Foreman
> > > <derekf at osg.samsung.com> wrote:
> > > 
> > >> Hmm, I landed this one but shouldn't have - we require
> > >> signed-off-by for commits.
> > >> 
> > >> Could you re-send your other two with Signed-off-by?
> > > 
> > > Hi,
> > > 
> > > I think we've been quite liberal with the S-o-b. It certainly is 
> > > preferred to have, but I haven't called for a re-submission in case
> > > it was omitted.
> 
> Same, I've ignored it when it was missing many-a-time.
> Although see my next comment.
> 
> > I just did a really quick check and we have just one patch in weston
> > with a S-o-b under a pseudonym, so even when it's been present we
> > haven't necessarily checked it for validity. :)
> > 
> > > Should we start consistently requiring S-o-b?
> > 
> > I've seen it asked for in patch review before, so I thought it was
> > already a hard requirement.
> >
> > When I started contributing someone told me I had to S-o-b all my
> > patches, but I can't remember who it was.
> 
> I seem to recall Samsung requires (or strongly recommends) you and I to
> S-O-B patches using our Samsung address.  I would certainly flag this
> during a new employee's ramp up, so wouldn't surprise me if in your
> described situation I'd been that reviewer...
> 
> If that's the case, then yeah don't worry about it for anyone !samsung.

For non-samsung reviewers I don't expect anyone to have to know about
or remember this though.

> 
> > If we don't strictly require it, I'd love to land 61060 before it bit
> > rots all to pieces again. :)
> 
> IIRC, s-o-b was introduced back when Linux was being attacked by that
> patent troll, as a way for IP ownership accountability or some such.
> I know that's only one part of the rationale for it, but that bit may
> not be all that big of a worry for Wayland.
> 
> Bit rot, on the other hand, now there's a real problem.  :-)
> 
> > > If yes, would be nice to have it mentioned in doc/Contributing with
> > > a link explaining what it actually means.
> > 
> > Right...
> > 
> > Even then, without GPG signing everything, how do we know a
> > contributor is who they claim to be and that the S-o-b is meaningful
> > anyway?
> 
> How do we know your dog didn't get his paws on your GPG key when you
> weren't looking?  ;-)
> 
> > That said, I'd love to have absolutely nothing to do with this policy
> > decision, and will happily enforce whatever requirements others decide o
> > n.
> > 
> > I just hope they don't make contributing any harder than it already is.
> > :)
> 
> Hey, if your dog can do it...

It's even easier to add "--signoff" to git commit than using git
send-email!

FWIW, libinput has more strict requirements than wayland/weston
regarding this, but since it seems to have never been a requirement for
wayland/weston I guess we can continue with that.


Jonas

> 
> Bryce
> 
> > > Thanks, pq
> > > 
> > 
> > -----BEGIN PGP SIGNATURE-----
> > Version: GnuPG v1
> > 
> > iQEbBAEBAgAGBQJWFUaSAAoJEF5USY5pfxHXz68H+O69t4vaHsH27JzDvINKhX9H
> > VMF7WW+ZyHXBLMozgXa1TjkOcRwQ3to+wEok2t8inxhvqZSd96SiwVnuvFGAo7Zd
> > Ci2ovnJshG8rJM1cVCmEhb0MTu4yWuq7xhArVn5zhnh3lSaay4lCFEJ8nfzBe9tb
> > 2iw8QvVozfnOqQprvb5ZJSI+nOv+4t0U2A4qF3+pOZVTr6TwCuns5HJ7SzgC9Kqa
> > XhRkSPk1pak77ZB98ihwMFGky0NHq5Wx5kC8McskxlehZjnPFGsCZPcWEb4wVk6Q
> > 4b8pvJLVuM9Z/u00SalUkXQEhNG3YG1JPhf1NQpfmvw2nj8QQB47DpDcIzXfoQ==
> > =vbUH
> > -----END PGP SIGNATURE-----
> _______________________________________________
> wayland-devel mailing list
> wayland-devel at lists.freedesktop.org
> http://lists.freedesktop.org/mailman/listinfo/wayland-devel


More information about the wayland-devel mailing list