Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Stop requiring signoff in commit messages? #644

Open
jdmpapin opened this issue Jan 9, 2023 · 9 comments
Open

Stop requiring signoff in commit messages? #644

jdmpapin opened this issue Jan 9, 2023 · 9 comments

Comments

@jdmpapin
Copy link
Contributor

jdmpapin commented Jan 9, 2023

The OpenJ9 and OMR repositories used to require this, but they no longer do. I believe it was originally a requirement from Eclipse that was later dropped. If signoff is required here for the same reason as it was there, it should be possible to remove the signoff check in PRs. And if it's possible to remove the requirement and the check, then we should do so, or else they will be an unnecessary annoyance. This suggestion applies to any/all openj9-openjdk-jdk* repos that still require signoff now.

@keithc-ca
Copy link
Member

OpenJ9 and OMR are Eclipse projects and must respect requirements that come with that relationship.

This repository (and others in the ibmruntimes organization) have independent requirements: To my knowledge, the sign-off-by line is to satisfy an expectation imposed by IBM (that has not changed).

@jdmpapin
Copy link
Contributor Author

Can somebody who knows (or knows how to easily find out) comment on the current signoff requirement? Maybe @mstoodle?

@pshipton
Copy link
Member

@AdamBrousseau do you know any reason why we need the check? It doesn't seem to do anything useful, like check the emails against a list.

@AdamBrousseau
Copy link
Collaborator

Maybe Mark knows an IBM reason. I thought we were just mirroring what OpenJ9/Eclipse were doing. The script only checks that the sign off is present. There is no list of names to compare against and it does not compare the sign off to the commit author. It may have been a legal reason along the lines of the author has signed off in agreement with the contributing guidelines. The better option would be to use gpg signing but I think that is unnecessary.

@mstoodle
Copy link
Member

Since we don't have a CLA, we need to be careful about who is allowed to make contributions (only PRs completely authored by current IBM employees should be merged), but I don't think the commit sign off was ever a validation of that requirement, especially given what @AdamBrousseau says above. I think we were just mirroring what we were expected to do at OpenJ9 for common process.

@pshipton
Copy link
Member

Does anyone have any objection to turning it off?

@keithc-ca
Copy link
Member

I thought the job was checking that the email address in the signed-off-by line was included in a list somewhere (as a way to reduce the need for committers to have to check that manually), but apparently I was wrong. Given it has less value than I thought, I have no objections to turning it off. Committers will just have to be (more) diligent.

@mstoodle
Copy link
Member

I am not aware of any strong reason to keep it, so I'm ok to turn it off (so long as committers continue to be diligent about only accepting IBM contributions).

@pshipton
Copy link
Member

As a first step, I've disabled the jenkins jobs.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

5 participants