-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA224
I have a question:
I often process patches from François, making adjustments as needed, and
then
commit. For such posts will be listed as an author François and as
Signed-off
will be mine. Is this the correct procedure?
Actually he needs to sign off on them. It gets a bit confusing because
there are actually three authorship fields in GIT that we are interested
in: author, signed-off-by, and committer. In this case his name goes into
author and signed-off-by, and your name goes into committer. So when you
process the patches, if he provided a signed-off-by line for that patch in
Bugzilla then you copy that into the commit message on the last line of
the commit message, separated by a blank line.
As I am still phasing the CLA system in, and I trust the core team not to
sue, include copyrighted code, etc., if he has not provided a
signed-off-by line for the patches go ahead and commit them without a
signed-off-by line.
For developers with GIT accounts you can commit and sign off all in one
step by passing the -s flag to git commit. Just be aware that you are
stating you have the legal right to license the commit when you do this;
philosophically this is the same as before but the procedure is a bit more
formal now.
Or contributions should be Signed-off at the same time
by François? If so,
how
should it be implemented technically?
When he submits patches he should provide a signed-off-by line for that
patch in the bugtracker. If anyone outside of the core team submits a
patch without a signed-off-by line for that patch in the bug report we
need to request that they provide one--the patch itself does not have to
be resubmitted, but the submitter needs to add a comment stating they are
signing off on that patch and appending the appropriate signed-off-by line
to that comment.
Similarly, in cases of occasional contributors who do
not have commit
access?
For example, during the integration of the translations.
Same as above; if patch is submitted via Email then the Email should
contain the signed-off-by line. It's always OK to reply to a patch
submission and request that a signed-off-by line be provided.
Does this make sense? Basically we're just fixing the bookkeeping end of
the project so that we know who authored, who owns, who released, and who
committed anything and can thereby better avoid any potential legal
issues.
Tim
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iFYEARELAAYFAlRAGREACgkQLaxZSoRZrGFBEgDfVbLl09PAuheSDzvI85jwBiIF
W93ruhdaPTAAZADgkdaC7D/2ulD8EuwwNHHRDW8GnhJK8nDcHkcpqg==
=JKN/
-----END PGP SIGNATURE-----