[Dctrl-tools-devel] development model

Antti-Juhani Kaijanaho antti-juhani at kaijanaho.fi
Thu Nov 8 20:34:27 UTC 2007 

On Thu, Nov 08, 2007 at 02:44:30PM -0500, Jon Bernard wrote:
> I assume both of these cases begin with cloning the repository?

Yeah, I assume you already have a cloned repository at hand :) 
It isn't usually necessary to clone more than once. 

> > 		# BTW, just to be on the safe side,
> > 		# please post to the list what you understand
> > 		# signing-off to mean :)
> 
> To me this means that the patch committed is tested and works to the
> best of my knowledge. How far off am I?

That's one half of it.  The other half is that it's a legal pledge, and
this is why I asked :)  The canonical definition (in the context of
dctrl-tools) of what it means is defined in the debian/README file,
please read it[1].  To summarise:

By including the line

  Signed-Off-By: Your Name <your at email.example>

in your commit (or patch) description (with the name and the email
address changed to match yours, obviously), you are making the statement
embodied in the Developer's Certificate of Ownership version 1.1 (see
below) with respect to that particular commit (or patch)

The DCO originated with the Linux kernel around the time when SCO
started making noises about copyright infringement in Linux.  It's a
simple and lightweight method of adding traceability to free software:
If it can be proved that a particular developer actually did add the
Signed-Off-By, and if it can be proven that that developer understood
what it means to add Signed-Off-By, then they would, in theory, be
accountable for the copyright purity of a particular change should it
ever be held in question.

In particular, do NOT sign-off a patch if you aren't prepared to testify
under oath in a court of law, if necessary, to the copyright and
licensing status of the commit.

I'm not currently requiring a Signed-Off-By in dctrl-tools commits, but
I strongly recommend adding it whenever possible.

[1] The git stuff in that file is not necessarily good.  But I'm not
referring to that part of it here.


		 DEVELOPER'S CERTIFICATE OF ORIGIN 1.1

By making a contribution to this project, I certify that:

(a) The contribution was created in whole or in part by me and I have
the right to submit it under the open source license indicated in the
file; or

(b) The contribution is based upon previous work that, to the best of my
knowledge, is covered under an appropriate open source license and I
have the right under that license to submit that work with
modifications, whether created in whole or in part by me, under the same
open source license (unless I am permitted to submit under a different
license), as indicated in the file; or

(c) The contribution was provided directly to me by some other person
who certified (a), (b) or (c) and I have not modified it; and

(d) In the case of each of (a), (b), or (c), I understand and agree that
this project and the contribution are public and that a record of the
contribution (including all personal information I submit with it,
including my sign-off) is maintained indefinitely and may be
redistributed consistent with this project or the open source license
indicated in the file.

© 2005 Open Source Development Labs, Inc. The Developer's Certificate of
Origin 1.1 is licensed under a Creative Commons Attribution-ShareAlike
2.5 License. If you modify you must use a name or title distinguishable
from "Developer's Certificate of Origin" or "DCO" or any confusingly
similar name. 

The aforementioned license can be accessed through
  http://creativecommons.org/licenses/by-sa/2.5/

-- 
Antti-Juhani Kaijanaho, Jyväskylä, Finland
http://antti-juhani.kaijanaho.fi/newblog/
http://www.flickr.com/photos/antti-juhani/

More information about the Dctrl-tools-devel mailing list