1 |
> On 28 Jul 2021, at 05:07, Joonas Niilola <juippis@g.o> wrote: |
2 |
> |
3 |
> Summary: |
4 |
> Make it clearer that a sign-off to a git commit is only required from |
5 |
> the committer, not from the author. It's only encouraged for the |
6 |
> authors. |
7 |
> |
8 |
|
9 |
Big thanks for working on this. It seems reasonable to me and you know |
10 |
that I've got strong feelings on including more contributors -- as have you! |
11 |
|
12 |
I have some thoughts I've outlined below about _possible_ clarifications |
13 |
we could make, but they're not objections to this as-is. |
14 |
|
15 |
For the benefit of the archive/anyone who isn't caught up: |
16 |
it may be worth reading robbat2's thread for additional context/thoughts/ |
17 |
discussion on this [0]. |
18 |
|
19 |
> Rationale: |
20 |
> 1. We're actively rejecting contributions from people who do not wish to |
21 |
> have their real name shown in public, or link it to their Git* |
22 |
> accounts. |
23 |
> |
24 |
|
25 |
This has been a matter of complaint from contributors, often wanting to make |
26 |
trivial or small changes for quite some time, and is the real motivation |
27 |
for me in wanting to see a change. |
28 |
|
29 |
> 2. We have no way of knowing or confirming whether the given name is |
30 |
> "legal". I'd rather not have the sign-off from the author in the first |
31 |
> place than see clearly made up names in there, with a fresh-made Git* |
32 |
> account with no prior activity. |
33 |
> |
34 |
|
35 |
Maybe we could add that developers should drop signoffs from people |
36 |
with pseudonyms (I'm thinking where the contributor freely admits such, |
37 |
not where we're guessing - in case it's added accidentally or out of habit, |
38 |
etc). |
39 |
|
40 |
I understand if you'd rather not get into that, but I was thinking |
41 |
this would be useful to avoid having the debates in future if someone |
42 |
ends up retaining it. I'd like to know if I should be dropping it in such cases, |
43 |
but maybe we can just reach that via consensus on the ML. |
44 |
|
45 |
Just a thought. |
46 |
|
47 |
> 3. Recently we've had a couple of cases where our long-standing |
48 |
> contributors, with ~300 commits in total, reveal they've been using |
49 |
> pseudonyms. I'm sure there are many others. AFAIK all their commits |
50 |
> should then be revoked, and possibly future contributions rejected |
51 |
> due to trust issues? |
52 |
|
53 |
I don't think that's written down anywhere and part of the problem |
54 |
is that at least in the UK, AFAIK, if it's a name you're legitimately using, |
55 |
it's yours -- even if you weren't born with it, and so on. |
56 |
|
57 |
So, my point is, even if a contributor is trying to be honest with us, |
58 |
it doesn't mean we can assume anything about the validity of past statements. |
59 |
|
60 |
But again, not looking to get into that either way. I'm generally happy |
61 |
people have felt comfortable enough to be honest with us knowing |
62 |
the potential risks. |
63 |
|
64 |
> |
65 |
> 4. As said, there are already devs committing work from people we |
66 |
> know to have made-up names. And/or there are devs committing patches |
67 |
> without the sign-off to begin with. |
68 |
> |
69 |
|
70 |
Yep. I think the worst thing for everybody is when developers end up committing |
71 |
as themselves but note the patch is from XYZ because it just makes the git |
72 |
history slightly less useful. It doesn't change the contribution at all. |
73 |
|
74 |
> 5. The infra git-hooks currently only check for a matching sign-off |
75 |
> from the committer anyway. |
76 |
> |
77 |
> Final words: |
78 |
> So currently, this GLEP can be interpreted in two different ways: the |
79 |
> sign-off is and isn't required from the author. This does harm |
80 |
> towards contributors who work with devs who do require the sign-off |
81 |
> from the author, and thus the GLEP needs to be updated and enforced |
82 |
> one way or the other. I vote what benefits our contributors, and |
83 |
> therefore us, better. |
84 |
|
85 |
+1. |
86 |
|
87 |
> |
88 |
> Signed-off-by: Joonas Niilola <juippis@g.o> |
89 |
> --- |
90 |
> [snip] |
91 |
|
92 |
[0] https://archives.gentoo.org/gentoo-project/message/26d68349541e4db54a93edf57d6e7404 |
93 |
|
94 |
best, |
95 |
sam |