| 1 |
On Mon, Jun 25, 2018 at 11:53 AM Denis Dupeyron <calchan@g.o> wrote: |
| 2 |
> |
| 3 |
> I want to note here that if this comes into effect, and becomes |
| 4 |
> mandatory, some critical pieces of Gentoo would go unmaintained for |
| 5 |
> months, if not longer and possibly indefinitely, until the employer of |
| 6 |
> the maintainers allows them to sign whatever it is you would require. |
| 7 |
|
| 8 |
Just to get you to elaborate a bit more: is this a concern with the |
| 9 |
Gentoo DCO in particular, or any requirement to sign off on anything? |
| 10 |
|
| 11 |
It is probably worth nothing that the DCO (either upstream's or |
| 12 |
Gentoo's) is just an affirmation of compliance. It doesn't actually |
| 13 |
have any binding statements on the signer. You aren't signing away |
| 14 |
any rights or accepting any restrictions, and it doesn't constitute a |
| 15 |
contract as far as I can tell. It is merely a statement of fact about |
| 16 |
a commit. |
| 17 |
|
| 18 |
That said, part of me does wonder as such whether we're just as |
| 19 |
covered by a policy that requires all commits be redistributable, |
| 20 |
training all developers in it, and leaving it at that. That would |
| 21 |
basically be the status quo, and I don't think anybody is going to |
| 22 |
object to a policy that says only stuff we can legally distribute goes |
| 23 |
in the repos. That really isn't any more restrictive than our general |
| 24 |
social contract. |
| 25 |
|
| 26 |
Ultimately this is all just reasonable care. Somebody can add a |
| 27 |
signed-off-by without reading the DCO just as they can do a commit |
| 28 |
without reading our policy on what is allowed to be committed. Is the |
| 29 |
one standard truly any more defensible than the other? |
| 30 |
|
| 31 |
-- |
| 32 |
Rich |
Archives