Signed-off-by in Wayland and Weston projects

Jonas Ådahl jadahl at gmail.com
Thu Oct 8 00:33:57 PDT 2015 

On Thu, Oct 08, 2015 at 10:19:21AM +0300, Pekka Paalanen wrote:
> On Thu, 8 Oct 2015 10:49:18 +0800
> Jonas Ådahl <jadahl at gmail.com> wrote:
> 
> > On Wed, Oct 07, 2015 at 11:05:34AM -0700, Bryce Harrington wrote:
> > > On Wed, Oct 07, 2015 at 11:21:38AM -0500, Derek Foreman wrote:
> > > > -----BEGIN PGP SIGNED MESSAGE-----
> > > > Hash: SHA1
> > > > 
> > > > On 07/10/15 02:27 AM, Pekka Paalanen wrote:
> > > > > On Tue, 06 Oct 2015 15:30:17 -0500 Derek Foreman
> > > > > <derekf at osg.samsung.com> wrote:
> > > > > 
> > > > >> Hmm, I landed this one but shouldn't have - we require
> > > > >> signed-off-by for commits.
> > > > >> 
> > > > >> Could you re-send your other two with Signed-off-by?
> > > > > 
> > > > > Hi,
> > > > > 
> > > > > I think we've been quite liberal with the S-o-b. It certainly is 
> > > > > preferred to have, but I haven't called for a re-submission in case
> > > > > it was omitted.
> > > 
> > > Same, I've ignored it when it was missing many-a-time.
> > > Although see my next comment.
> > > 
> > > > I just did a really quick check and we have just one patch in weston
> > > > with a S-o-b under a pseudonym, so even when it's been present we
> > > > haven't necessarily checked it for validity. :)
> > > > 
> > > > > Should we start consistently requiring S-o-b?
> > > > 
> > > > I've seen it asked for in patch review before, so I thought it was
> > > > already a hard requirement.
> 
> > > > > If yes, would be nice to have it mentioned in doc/Contributing with
> > > > > a link explaining what it actually means.
> > > > 
> > > > Right...
> > > > 
> > > > Even then, without GPG signing everything, how do we know a
> > > > contributor is who they claim to be and that the S-o-b is meaningful
> > > > anyway?
> 
> Let's not go there. Next you'll be asking reviewers to gpg-sign their
> R-bs and having re-sent patches with R-b to be signed by all of authors
> and reviewers to prevent forged tags...
> 
> 
> > FWIW, libinput has more strict requirements than wayland/weston
> > regarding this, but since it seems to have never been a requirement for
> > wayland/weston I guess we can continue with that.
> 
> I don't know why we should be strict with S-o-b, but then again I
> didn't understand the license thing either.
> 
> I'd be happy to be ignorant and not strictly require S-o-b, but we
> could still recommend it once in a while. S-o-b never hurts, right?
> 
> How about adding a recommendation to give S-o-b in Contributing,
> including explanations, but not rejecting patches only because they
> miss a S-o-b?

Sounds reasonable to me.

> 
> In more complex cases where people pick up others patches and change
> them, the S-o-b tags with change comments in the commit message help to
> describe how the patch has evolved, giving credit where it is due.

Well this is actually a reason why to be more strict; repurposing a
patch or applying a reverted patch including new changes by a different
author. With S-o-b's by all involved, it'd be more clear who were
actually involved. The same applies to patches on the mailing list
rebased by other than the original author (but of course we can't
control what ends up in the list).


Jonas

> 
> 
> Thanks,
> pq

More information about the wayland-devel mailing list