Closed swcurran closed 11 months ago
Arrggh...the commits accepted via the interface are not signed off. Dang. @ryjones --- please help, what do I need to do?
@swcurran better?
Thanks! Much appreciated. I hate when that happens…
BTW — is there anyway to use the UI to accept such comments and have DCO. The UI said “Accept and Sign Off”, so I assumed that was enough. Did I just need to ignore the sign off and put my normal “Signed-off-by: Stephen Curran swcurran@gmail.com” into the comment?
@swcurran it is enabled in for UI signoffs. I think the issue is the email you signed off with doesn't match the one you committed with.
Ah…I’ve seen that in other contexts in the UI — when I create and submit my own commits via the edit interface. I have only one GitHub account, but two emails associated with it. It’s not visible which one I’m “using” at the time (at least I don’t see it). When I use the “edit” UI I always sign with both email addresses. I guess the same here.
Thanks
Resolves #48
Arrghh…DCO problems. I pushed the latest updates from @denyeart .
@ryjones — looks like more issues when using the GUI to apply changes. Could you pretty please fix?
@ryjones — looks like more issues when using the GUI to apply changes. Could you pretty please fix?
@swcurran the issue was with the presence of merge commits. Removed them and force pushed, the DCO check passes now.
Approved in September 28th TOC meeting:
Put forward by PeterS Seconded by Arun Votes: TracyK - For BobbiM - For JimZ - For PeterS - For Arnaud - For DavidE - For StephenC - For Rama - For MarcusB - For Arun - For
Merging...
Per discussion, this puts the Hyperledger security vulnerability disclosure policy into the Security document, and adds a "security-template.md" for Projects to use in creating their project- (or repository-) specific document.
As noted, the Hyperledger Policy is not a template, but explains the policy and requirements, and outlines the best practices. In appropriate places, an Alternative: tag is used to define what options a project has from the best practices. The template, on the other hand is just that -- and can usually simply be copied from the template, pasted into a project
SECURITY.md
file, and updated per the instructions (\<tl;dr> remove instructions, update "PROJECT" to the project name). Since all of the alternatives are in the primary document, they are not included in the template at all.Hope that works. I tried not to change any of the intent of the document, just the arrangement of the words :-).
Enjoy!
Signed-off-by: Stephen Curran swcurran@gmail.com