
Hyperledger TOC documents
https://toc.hyperledger.org/
Creative Commons Attribution 4.0 International

Proposed Hyperledger Security document and project Security Template #167

Closed swcurran closed 11 months ago

swcurran commented 12 months ago

Per discussion, this puts the Hyperledger security vulnerability disclosure policy into the Security document, and adds a "security-template.md" for Projects to use in creating their project- (or repository-) specific document.

As noted, the Hyperledger Policy is not a template, but explains the policy and requirements, and outlines the best practices. In appropriate places, an Alternative: tag is used to define what options a project has from the best practices. The template, on the other hand, is just that -- and can usually simply be copied from the template, pasted into a project SECURITY.md file, and updated per the instructions (tl;dr: remove instructions, update "PROJECT" to the project name). Since all of the alternatives are in the primary document, they are not included in the template at all.

Hope that works. I tried not to change any of the intent of the document, just the arrangement of the words :-).

Enjoy!

Signed-off-by: Stephen Curran swcurran@gmail.com

swcurran commented 12 months ago

Arrggh...the commits accepted via the interface are not signed off. Dang. @ryjones --- please help, what do I need to do?

ryjones commented 12 months ago

@swcurran better?

swcurran commented 12 months ago

Thanks! Much appreciated. I hate when that happens…

BTW — is there any way to use the UI to accept such comments and have DCO? The UI said “Accept and Sign Off”, so I assumed that was enough. Did I just need to ignore the sign off and put my normal “Signed-off-by: Stephen Curran swcurran@gmail.com” into the comment?

ryjones commented 11 months ago

@swcurran it is enabled for UI signoffs. I think the issue is the email you signed off with doesn't match the one you committed with.

swcurran commented 11 months ago

Ah…I’ve seen that in other contexts in the UI — when I create and submit my own commits via the edit interface. I have only one GitHub account, but two emails associated with it. It’s not visible which one I’m “using” at the time (at least I don’t see it). When I use the “edit” UI I always sign with both email addresses. I guess the same here.

Thanks

tkuhrt commented 11 months ago

Resolves #48

swcurran commented 11 months ago

Arrghh…DCO problems. I pushed the latest updates from @denyeart .

swcurran commented 11 months ago

@ryjones — looks like more issues when using the GUI to apply changes. Could you pretty please fix?

arsulegai commented 11 months ago

> @ryjones — looks like more issues when using the GUI to apply changes. Could you pretty please fix?

@swcurran the issue was with the presence of merge commits. Removed them and force pushed, the DCO check passes now.
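As an added illustration (not code from this PR or the TOC repository) of the two DCO failure modes discussed above, a sign-off e-mail that differs from the commit author's and UI-created merge commits with no trailer, the checker below parses `git log` output; the format string, the field layout and the sample commits are assumptions constructed for the example.

```python
import re
from dataclasses import dataclass

# Assumed input: `git log --format='%H%n%ae%n%P%n%B%x00' origin/main..HEAD`,
# i.e. per commit: hash, author e-mail, parent hashes, full message, NUL.
SIGNOFF_RE = re.compile(r"^Signed-off-by:.*<([^>]+)>\s*$", re.MULTILINE)


@dataclass
class Finding:
    commit: str
    reason: str


def parse_log(text):
    """Split NUL-delimited git log output into (sha, email, parents, body)."""
    records = []
    for chunk in text.split("\0"):
        chunk = chunk.strip("\n")
        if not chunk:
            continue
        sha, email, parents, *rest = chunk.split("\n", 3)
        records.append((sha, email, parents.split(), rest[0] if rest else ""))
    return records


def check_dco(text):
    """Report commits that would fail the DCO check for the reasons seen in this PR."""
    findings = []
    for sha, email, parents, body in parse_log(text):
        if len(parents) > 1:
            # UI-created merge commits carry no trailer; rebase the branch instead.
            findings.append(Finding(sha, "merge commit in PR branch"))
        signoffs = [e.lower() for e in SIGNOFF_RE.findall(body)]
        if not signoffs:
            findings.append(Finding(sha, "missing Signed-off-by trailer"))
        elif email.lower() not in signoffs:
            # Trailer present, but under a different e-mail than the commit author's.
            findings.append(Finding(sha, f"author {email} not in sign-off {signoffs}"))
    return findings


# Constructed sample output (not real commits): one good, one mismatch, one merge.
SAMPLE_LOG = (
    "aaa111\nalice@example.org\nparent0\nAdd security template\n\n"
    "Signed-off-by: Alice <alice@example.org>\n\0\n"
    "bbb222\nalice@example.org\nparent1\nFix typo\n\n"
    "Signed-off-by: Alice <alice@example.com>\n\0\n"
    "ccc333\nalice@example.org\nparent2 parent3\nMerge branch 'main'\n\0\n"
)
```

Running `check_dco(SAMPLE_LOG)` flags `bbb222` for the e-mail mismatch and `ccc333` twice, once as a merge commit and once for the missing trailer.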

tkuhrt commented 11 months ago

Approved in September 28th TOC meeting:

Put forward by PeterS
Seconded by Arun

Votes:
TracyK - For
BobbiM - For
JimZ - For
PeterS - For
Arnaud - For
DavidE - For
StephenC - For
Rama - For
MarcusB - For
Arun - For

Merging...