On Mon, Jan 22, 2018 at 12:05:19 +0000, Daniel Berrange wrote: > This extends the update hook so that it enforces a requirement to have a > Signed-off-by line in every commit message. This can be optionally > turned off in individual repos by setting the "hooks.allowmissingsob" > git config variable. > > Signed-off-by: Daniel P. Berrange <berrange(a)redhat.com&gt; > --- > update | 16 +++++++++++++++- > 1 file changed, 15 insertions(+), 1 deletion(-) NACK, I don't like signoffs and I don't really think they achieve anything.

On Mon, Jan 22, 2018 at 13:06:28 +0000, Daniel Berrange wrote: > On Mon, Jan 22, 2018 at 01:20:12PM +0100, Peter Krempa wrote: > > On Mon, Jan 22, 2018 at 12:05:19 +0000, Daniel Berrange wrote: > > > This extends the update hook so that it enforces a requirement to have a > > > Signed-off-by line in every commit message. This can be optionally > > > turned off in individual repos by setting the "hooks.allowmissingsob" > > > git config variable. > > > > > > Signed-off-by: Daniel P. Berrange <berrange(a)redhat.com&gt; > > > --- > > > update | 16 +++++++++++++++- > > > 1 file changed, 15 insertions(+), 1 deletion(-) > > > > NACK, I don't like signoffs and I don't really think they achieve > > anything. > > A signoff with no documented meaning attached by the project is fairly > weak, as you would have to argue there was some commonly accepted signifance > to it across the community. A signoff which is explicitly associated with a > statement of intent has benefit, hence why I also sent a patch to clarify > that the signoff asserts compliance with the DCO. Adding these signoffs has You can do the same by declaring that all patches have to comply to that and not mandating adding a line which will become eventually pointless since every patch will need to have it. Also since there's no way to check that it's actually true, anybody can declare anything. Also the check itself can be fooled easily, so I think it's pointless altogether.

> little to no time burden on long term developers own work on a daily basis. > Just needs adding -s to "git commit" which quickly becomes engrained in > muscle memory such that you'll end up doing it for every project you find Or you can defeat it entirely by adding it into your commit message template. I don't care about the added burden though. I don't really think it achieves anything.

> yourself contributing to. Many of our "drive by" contributors already do > this as habit, we'll just need to remind those that forget periodically. I presonally signed-off < 5 commits in libvirt. So the last statement is untrue. Some people don't do it on purpose. The sign-off by itself (whithout cryptographic signature) is just pointless. Validity with a cryptographic signature from drive-by contributors can still be unproven, but at least you don't get impersonation.

If everything is signed off, nothing really is.

NACK still stands.

On Mon, Jan 22, 2018 at 13:57:07 +0000, Daniel Berrange wrote: > On Mon, Jan 22, 2018 at 02:20:52PM +0100, Peter Krempa wrote: > > On Mon, Jan 22, 2018 at 13:06:28 +0000, Daniel Berrange wrote: > > > On Mon, Jan 22, 2018 at 01:20:12PM +0100, Peter Krempa wrote: > > > > On Mon, Jan 22, 2018 at 12:05:19 +0000, Daniel Berrange wrote: > > > > > This extends the update hook so that it enforces a requirement to have a > > > > > Signed-off-by line in every commit message. This can be optionally > > > > > turned off in individual repos by setting the "hooks.allowmissingsob" > > > > > git config variable. > > > > > > > > > > Signed-off-by: Daniel P. Berrange <berrange(a)redhat.com&gt; > > > > > --- > > > > > update | 16 +++++++++++++++- > > > > > 1 file changed, 15 insertions(+), 1 deletion(-) [..] > > The sign-off by itself (whithout cryptographic signature) is just > > pointless. Validity with a cryptographic signature from drive-by > > contributors can still be unproven, but at least you don't get > > impersonation. > > I think these are two different axis. The sob isn't trying to address the > question of impersonation. It obviously has as a starting point that you > accept the identity of the submitter to some degree. I accept that if you > have cryptographically signed patches, that would give a stronger > validation of identity, but there's never any absolutes. So not having > a crypto signature doesn't make the sob invalid. In that case basically nothing changes, since if we are going to use this to be safe from licensing disputes, the reviewer/commiter still needs to make sure that the code complies with our licensing. Asserting the signoff changes nothing in that regard > > > If everything is signed off, nothing really is. > > I don't really see that. > > > NACK still stands. > > You are nacking something that you've accepted above will have no negative > impact on your work, but has potentially significant upside to the project. > That is very disappointing. I think that by doing this we'll put too much false hope into the "potentially significant upside". I just hope it will not bite us. Anyone can assert, or sign-off anything [1]. Given the overwhelmingly positive approach to this retract my NACK, the only thing that will change in general is that my commits will grow one line.

On Mon, Jan 22, 2018 at 01:22:01PM +0100, Ján Tomko wrote: > On Mon, Jan 22, 2018 at 12:05:19PM +0000, Daniel P. Berrange wrote: > > This extends the update hook so that it enforces a requirement to have a > > Signed-off-by line in every commit message. This can be optionally > > turned off in individual repos by setting the "hooks.allowmissingsob" > > git config variable. > > > > Signed-off-by: Daniel P. Berrange <berrange(a)redhat.com&gt; > > --- > > update | 16 +++++++++++++++- > > 1 file changed, 15 insertions(+), 1 deletion(-) > > > > Given that signed-off-by lines are pointless for patches authored and > committed by the same person, They are not pointless. They provide an explicit assertion that the author is acknowledged they are permitted to make the contribution under the project's license. This is distinct from the Author/Committer info in the commit, because that is added automatically my git with no thought required by the developer.

> NACK unless the hooks.allowmissingsob will be set in the main > libvirt.git (I don't really care about other repos). I'm intending it to be set in *every* repository include libvirt.git. There is no real world burden for developers to add a signed-off-by line to the commits they contribute to the project,

and it puts us in a stronger legal position going forward. It is already commonplace across countless open source projects, including many that we interact & build on in libvirt.

Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :| -- libvir-list mailing list libvir-list(a)redhat.com https://www.redhat.com/mailman/listinfo/libvir-list

This extends the update hook so that it enforces a requirement to have a Signed-off-by line in every commit message. This can be optionally turned off in individual repos by setting the "hooks.allowmissingsob" git config variable. Signed-off-by: Daniel P. Berrange <berrange(a)redhat.com&gt; --- update | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-)

It's also easier than the : Reviewed-by: John Ferlan <jferlan(a)redhat.com&gt; line that I keep in a "cheats" file that I always have open so that I don't have to add it for patches I review. Of course, I could also just say ACK, but the R-b seems so much more authoritative.

Now if I could only remember or figure out a way to add it to any patches I push without having to remember to go back and rebase --interactive to add it (which I rarely ever do).