project icon indicating copy to clipboard operation
project copied to clipboard
verified publisher icon servo

DCO Bot

Open asajeffrey opened this issue 5 years ago • 6 comments

To enforce DCO, the simplest thought would be to install the DCO Bot: https://github.com/apps/dco

asajeffrey avatar Sep 15 '20 19:09 asajeffrey

We'd need to make sure this played well with the other bots, e.g. the wpt sync bot.

asajeffrey avatar Sep 15 '20 19:09 asajeffrey

Easiest test case would probably be this repo.

asajeffrey avatar Sep 15 '20 19:09 asajeffrey

I installed the DCO bot, but I can't use it to protect the master branch in this repo because it's a private repo and we're not Pro.

asajeffrey avatar Sep 16 '20 16:09 asajeffrey

This is no longer a private repo, and it has already DCO bot. Can we close this issue? Or we would like to enable this for more repos on Servo organization?

I don't have the background about previous discussions on this sorry.

mrego avatar Nov 02 '23 10:11 mrego

I think we'd need this for the Servo repository as well.

mrobinson avatar Nov 02 '23 10:11 mrobinson

A prerequisite is that all bots that make commits are able to sign off on their commits.

mrobinson avatar Nov 02 '23 11:11 mrobinson

There is https://github.com/dcoapp/app?tab=readme-ov-file#skipping-sign-off-for-organization-members

sagudev avatar Jun 14 '24 17:06 sagudev

I think we could turn this one now. In addition we might want to add more instructions for contributors to use the -s option when using git to sign their commits.

mrobinson avatar Jun 16 '24 08:06 mrobinson

We should also do https://github.blog/changelog/2022-06-08-admins-can-require-sign-off-on-web-based-commits/ to enable signoffs of commits made via GitHub UI.

sagudev avatar Jul 08 '24 14:07 sagudev

I have enabled the DCO bot for various servo repositories: servo, mozjs, webxr, media. These are essentially the core servo repositories that are essentially not community supported dependencies.

We should also do https://github.blog/changelog/2022-06-08-admins-can-require-sign-off-on-web-based-commits/ to enable signoffs of commits made via GitHub UI.

This is also done now.

I'm going to close this issue for now and if we need to extend DCO bot to other repositories we can open a new bug to track that.

mrobinson avatar Jul 09 '24 17:07 mrobinson

We should also do https://github.blog/changelog/2022-06-08-admins-can-require-sign-off-on-web-based-commits/ to enable signoffs of commits made via GitHub UI.

This is also done now.

I think this was done only for servo/servo, as I didn't get sign-off option on mozjs via GitHub UI. I suggest we do this organization wide for all repos: https://github.blog/changelog/2022-06-08-admins-can-require-sign-off-on-web-based-commits/#how-to-enable-required-signoffs-for-an-organization

sagudev avatar Jul 26 '24 12:07 sagudev

I think this was done only for servo/servo, as I didn't get sign-off option on mozjs via GitHub UI. I suggest we do this organization wide for all repos: https://github.blog/changelog/2022-06-08-admins-can-require-sign-off-on-web-based-commits/#how-to-enable-required-signoffs-for-an-organization

Done.

mrobinson avatar Jul 26 '24 13:07 mrobinson