Stop requiring signoff in commit messages? #644
Comments
|
OpenJ9 and OMR are Eclipse projects and must respect requirements that come with that relationship. This repository (and others in the ibmruntimes organization) have independent requirements: To my knowledge, the sign-off-by line is to satisfy an expectation imposed by IBM (that has not changed). |
|
Can somebody who knows (or knows how to easily find out) comment on the current signoff requirement? Maybe @mstoodle? |
|
@AdamBrousseau do you know any reason why we need the check? It doesn't seem to do anything useful, like check the emails against a list. |
|
Maybe Mark knows an IBM reason. I thought we were just mirroring what OpenJ9/Eclipse were doing. The script only checks that the sign off is present. There is no list of names to compare against and it does not compare the sign off to the commit author. It may have been a legal reason along the lines of the author has signed off in agreement with the contributing guidelines. The better option would be to use gpg signing but I think that is unnecessary. |
|
Since we don't have a CLA, we need to be careful about who is allowed to make contributions (only PRs completely authored by current IBM employees should be merged), but I don't think the commit sign off was ever a validation of that requirement, especially given what @AdamBrousseau says above. I think we were just mirroring what we were expected to do at OpenJ9 for common process. |
|
Does anyone have any objection to turning it off? |
|
I thought the job was checking that the email address in the signed-off-by line was included in a list somewhere (as a way to reduce the need for committers to have to check that manually), but apparently I was wrong. Given it has less value than I thought, I have no objections to turning it off. Committers will just have to be (more) diligent. |
|
I am not aware of any strong reason to keep it, so I'm ok to turn it off (so long as committers continue to be diligent about only accepting IBM contributions). |
|
As a first step, I've disabled the jenkins jobs. |
The OpenJ9 and OMR repositories used to require this, but they no longer do. I believe it was originally a requirement from Eclipse that was later dropped. If signoff is required here for the same reason as it was there, it should be possible to remove the signoff check in PRs. And if it's possible to remove the requirement and the check, then we should do so, or else they will be an unnecessary annoyance. This suggestion applies to any/all openj9-openjdk-jdk* repos that still require signoff now.
The text was updated successfully, but these errors were encountered: