dcoapp / app

GitHub App that enforces the Developer Certificate of Origin (DCO) on Pull Requests
https://github.com/apps/dco
ISC License
299 stars 75 forks

DCO check fails with commits not in PR, from another author #115

Closed kieckhafer closed 4 years ago

kieckhafer commented 5 years ago

We've been seeing this issue a lot recently (I've personally seen it three times in the past week, and others on my team have brought it up as well). We create a new branch off our default develop branch, make a few changes that are DCO approved, and yet DCO bot fails saying commits by other developers are not signed off.

This PR is the latest example:

  1. I made a new branch off our main branch
  2. I made all my changes in three commits (all signed-off) https://github.com/reactioncommerce/reaction/pull/5307/commits/16e3a71e64ec793f3f3f71b34174172cbbf70d8c https://github.com/reactioncommerce/reaction/pull/5307/commits/90b6757204419ec6ca58e215162f26e2fb5febb9 https://github.com/reactioncommerce/reaction/pull/5307/commits/035b5747f6844ee982fa99598360b873e2ffd2b7
  3. I made a PR, and am receiving a failed DCO check, from another developer with commits not in this PR: https://github.com/reactioncommerce/reaction/pull/5307/checks?check_run_id=166954847

UPDATE: Another example just popped up: https://github.com/reactioncommerce/reaction/pull/5320/checks?check_run_id=167950629

hiimbex commented 5 years ago

It seems to me the issue occurs on only the first 'set' of commits pushed to the PR? We use https://developer.github.com/v3/repos/commits/#compare-two-commits in order to access the list of commits. Maybe for some reason this branch is also returning its base commit as well and causing the issue? Never seen this behavior before, maybe GitHub/the DCO is confused by your branch off a branch workflow?

I'm sorry I can't really investigate this further, but happy to review PRs. For now, a viable workflow seems to be just to push another commit to retrigger the check?
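An added example, not part of the thread and not dcoapp's code: a minimal sign-off check over the `commits` array of a compare-two-commits response, showing how one unsigned commit by another author inside the compared range fails the whole check even when the PR author's own commits are all signed. The function names, the merge-commit skip and the sample commits are assumptions constructed for illustration.

```javascript
// Added example, not dcoapp's implementation. Field names follow the commit
// objects in GitHub's compare-two-commits response; sample data is constructed.
const SIGN_OFF = /^Signed-off-by: (.+) <(.+)>$/gim;

// Return every commit in the range that lacks a sign-off matching its author.
function findUnsignedCommits(commits) {
  const failures = [];
  for (const { sha, commit, parents = [] } of commits) {
    if (parents.length > 1) continue; // assumption: merge commits are skipped
    const signers = [...commit.message.matchAll(SIGN_OFF)].map(
      ([, name, email]) => ({ name: name.trim(), email: email.trim().toLowerCase() }));
    const { name, email } = commit.author;
    const ok = signers.some(s => s.name === name && s.email === email.toLowerCase());
    if (!ok) {
      failures.push({
        sha, email: email.toLowerCase(),
        reason: signers.length ? 'sign-off does not match author' : 'no Signed-off-by line',
      });
    }
  }
  return failures;
}

// Separate failures on the PR author's commits from failures on commits that
// entered the compared range from someone else (the symptom in this issue).
function triage(commits, prAuthorEmail) {
  const failures = findUnsignedCommits(commits);
  const isOwn = f => f.email === prAuthorEmail.toLowerCase();
  return {
    passed: failures.length === 0,
    own: failures.filter(isOwn),
    foreign: failures.filter(f => !isOwn(f)),
  };
}

// Constructed sample: two signed commits by the PR author, plus one unsigned
// commit by another developer that the compare range also returned.
const prAuthor = { name: 'PR Author', email: 'pr-author@example.com' };
const SAMPLE_COMMITS = [
  { sha: 'aaa1111', parents: [{}], commit: { author: prAuthor,
    message: 'fix: first change\n\nSigned-off-by: PR Author <pr-author@example.com>' } },
  { sha: 'bbb2222', parents: [{}], commit: { author: prAuthor,
    message: 'fix: second change\r\n\r\nSigned-off-by: PR Author <PR-Author@example.com>\r\n' } },
  { sha: 'ccc3333', parents: [{}], commit: {
    author: { name: 'Other Dev', email: 'other-dev@example.com' },
    message: 'chore: unrelated work already on the base branch' } },
];

console.log(JSON.stringify(triage(SAMPLE_COMMITS, prAuthor.email), null, 2));
```

A non-empty `foreign` list with an empty `own` list points at the compared range rather than at the contributor's commits.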

stale[bot] commented 4 years ago

Is this still relevant? If so, what is blocking it? Is there anything you can do to help move it forward?