[Dev] Developer Certificate of Origin & Signed-off-by

Thiago Macieira thiago.macieira at intel.com
Fri Sep 27 17:37:51 GMT 2013


On sexta-feira, 27 de setembro de 2013 10:18:16, Patrick Ohly wrote:
> On Thu, 2013-09-26 at 12:39 -0700, Thiago Macieira wrote:
> > As per Linux Foundation policies, all collaborative projects hosted by the
> > Linux Foundation require a certificate of origin, whose terms are the same
> > for all projects. Therefore, the same certificate of origin for the
> > kernel applies to Tizen.
> > 
> > This means all commits submitted to Gerrit must contain a Signed-off-by
> > footer.
> How does that affect repos which clone an upstream repo into their
> "upstream" branch and then push that + packaging + local patches into
> the "tizen" branch?
> 
> The local patches and packaging commits of course can and must have the
> Signed-off-by footer, but the upstream commits they are based on may or
> may not have such a footer. Is it still allowed to commit those commits
> to the "tizen" branch?

I can check what the BKM might be. My guess is:

 * if you're importing a tarball or sources from any source control other than 
Git to the master (not tizen!) branch, sign it yourself

 * if you're importing the Git branch from an upstream source, keep it as-is, 
but sign the commits when you merge.

We could use git notes to store the sign-off of the upstream update. Or you can 
tag and sign-off.

I don't expect to find any BKM for this, though. If someone knows of any, let 
us know.

[Best Known Method]

-- 
Thiago Macieira - thiago.macieira (AT) intel.com
  Software Architect - Intel Open Source Technology Center
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 190 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.tizen.org/pipermail/dev/attachments/20130927/61a5ad1c/attachment.asc>


More information about the Dev mailing list