-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA224
I have a question:
I often process patches from François, making adjustments as needed, and
then
commit. For such posts will be listed as an author François and as
Signed-off
will be mine. Is this the correct procedure?
Actually he needs to sign off on them. It gets a bit confusing because
there are actually three authorship fields in GIT that we are interested
in: author, signed-off-by, and committer. In this case his name goes into
author and signed-off-by, and your name goes into committer. So when you
process the patches, if he provided a signed-off-by line for that patch in
Bugzilla then you copy that into the commit message on the last line of
the commit message, separated by a blank line.
As I am still phasing the CLA system in, and I trust the core team not to
sue, include copyrighted code, etc., if he has not provided a
signed-off-by line for the patches go ahead and commit them without a
signed-off-by line.
For developers with GIT accounts you can commit and sign off all in one
step by passing the -s flag to git commit. Just be aware that you are
stating you have the legal right to license the commit when you do this;
philosophically this is the same as before but the procedure is a bit more
formal now.
Or contributions should be Signed-off at the same
time by François? If
so,
how
should it be implemented technically?
When he submits patches he should provide a signed-off-by line for that
patch in the bugtracker. If anyone outside of the core team submits a
patch without a signed-off-by line for that patch in the bug report we
need to request that they provide one--the patch itself does not have to
be resubmitted, but the submitter needs to add a comment stating they are
signing off on that patch and appending the appropriate signed-off-by line
to that comment.
Similarly, in cases of occasional contributors
who do not have commit
access?
For example, during the integration of the translations.
Same as above; if patch is submitted via Email then the Email should
contain the signed-off-by line. It's always OK to reply to a patch
submission and request that a signed-off-by line be provided.
Does this make sense? Basically we're just fixing the bookkeeping end of
the project so that we know who authored, who owns, who released, and who
committed anything and can thereby better avoid any potential legal
issues.
Tim
I need to be clearer about one thing: If an author has not provided a
signed-off-by line, do NOT add it for him under any circumstances.
Especially in the United States and the UK the author may or may not have
the legal right to license his or her work to anyone, so the signed-off-by
line should not always be populated with the author's information.
In the special case of open source patches from other projects, the person
that pulls the patch from that project and submits it to us should sign
off on it. In this case the patch handler is asserting, via the license
granted to him or her, that he or she has the right to relicense the patch
to us. If this is not possible then there must be no signed-off-by line
in the GIT commit message, and the patch needs to be reviewed by the core
development team to verify its origin and license compatibility before
committing.
Tim
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iFYEARELAAYFAlRAHDQACgkQLaxZSoRZrGFVOQDgv8cR8izWnNCcdFmGGXU1vrHH
sLthyw5KkIHN1wDghwNLadNzqIf5U/IUMfz6gn8fBdGk3qGDPgdfcQ==
=uNaL
-----END PGP SIGNATURE-----