[libvirt] [PATCH hooks 1/1] Add check for Signed-off-by in commit messages

Mon Jan 22 14:11:06 UTC 2018

On 01/22/2018 02:20 PM, Peter Krempa wrote:
> On Mon, Jan 22, 2018 at 13:06:28 +0000, Daniel Berrange wrote:
>> On Mon, Jan 22, 2018 at 01:20:12PM +0100, Peter Krempa wrote:
>>> On Mon, Jan 22, 2018 at 12:05:19 +0000, Daniel Berrange wrote:
>>>> This extends the update hook so that it enforces a requirement to have a
>>>> Signed-off-by line in every commit message. This can be optionally
>>>> turned off in individual repos by setting the "hooks.allowmissingsob"
>>>> git config variable.
>>>>
>>>> Signed-off-by: Daniel P. Berrange <berrange at redhat.com>
>>>> ---
>>>>  update | 16 +++++++++++++++-
>>>>  1 file changed, 15 insertions(+), 1 deletion(-)
>>>
>>> NACK, I don't like signoffs and I don't really think they achieve
>>> anything.
>>
>> A signoff with no documented meaning attached by the project is fairly
>> weak, as you would have to argue there was some commonly accepted signifance
>> to it across the community. A signoff which is explicitly associated with a
>> statement of intent has benefit, hence why I also sent a patch to clarify
>> that the signoff asserts compliance with the DCO. Adding these signoffs has
> 
> You can do the same by declaring that all patches have to comply to that
> and not mandating adding a line which will become eventually pointless
> since every patch will need to have it.
> 
> Also since there's no way to check that it's actually true, anybody can
> declare anything.

Sure, but then the burden is on you because you declared that you comply
with something by including that line while you cannot. I am no lawyer,
but if it can help us be stronger against law suits then so be it.

> Also the check itself can be fooled easily, so I think
> it's pointless altogether.
> 
>> little to no time burden on long term developers own work on a daily basis.
>> Just needs adding -s to "git commit" which quickly becomes engrained in
>> muscle memory such that you'll end up doing it for every project you find
> 
> Or you can defeat it entirely by adding it into your commit message
> template. I don't care about the added burden though. I don't really
> think it achieves anything.
> 
>> yourself contributing to. Many of our "drive by" contributors already do
>> this as habit, we'll just need to remind those that forget periodically.
> 
> I presonally signed-off < 5 commits in libvirt. So the last statement
> is untrue. Some people don't do it on purpose.
> 
> The sign-off by itself (whithout cryptographic signature) is just
> pointless. Validity with a cryptographic signature from drive-by
> contributors can still be unproven, but at least you don't get
> impersonation.
> 
> If everything is signed off, nothing really is.

Not true. I view DCO as an agreement between Libvirt entity (whomever
represented by) and individual contributor that they are allowed by they
employer (or copyright holder) to send the patch. And thus, if the
agreement is signed more than once, it doesn't matter (although,
employees, occupancies, company cultures change through time). It's
still valid. But if it is not signed at all that's the problem.

Also, we will surely never experience this at Red Hat, but I've heard
many urban legends when an employee was not allowed to send a patch to
the upstream (because of some corporate politics or whatever). And I
think those are the cases we should protect us from.

Michal