[mpich-devel] [mpich-discuss] Use of Signed-off-by in MPICH

Jed Brown jedbrown at mcs.anl.gov
Mon Jan 6 13:21:44 CST 2014

Michael Blocksome <blocksom at us.ibm.com> writes:

> IBM uses the "signed off by" feature to enforce/track code reviews before 
> any code gets contributed to ANL. The intent is that the commit author != 
> the commit signer when the code goes out. Often a developer at ANL will 
> also review the code before it gets integrated into the master branch (IBM 
> developers don't have push authority) and sign the commit again.

So the last stage (whoever makes the actual commit) is already available
because Git has separate fields for Committer and Author, as shown by
"git log --format=fuller".

> We use the text "Signed-off-by:xxxx <yyy at zzz>" simply because this is what 
> is supported by the git tools. You can use commands like `git cherry-pick 
> -s`, `git commit --amend -s`, and `git am -s` to ease the signing effort. 

Yes, though this only adds your own name.  Do you email patches around
until then?  When I started this thread, I pointed out a recent case
where the author and committer were the same, but someone else was
providing a Signed-off-by.  Either the commit went back and forth or
(more likely) the committer amended the commit to add a Signed-off-by
From the reviewer.  The idea with Git's -s is that you only ever sign
for yourself, though if you integrate out-of-band content, you may copy
the Signed-off-by tag provided by that other person.  So the design of
the -s option is not a perfect match, but I can see that it's often
convenient.  In contrast, Reviewed-by, Acked-by, and similar are almost
always a result of the author or committer translating out-of-band
information (e.g., an email discussion).

If you want to automatically add Reviewed-by tags, you could use
.git/hooks/prepare-commit-msg, for example.

Of course you can keep using Signed-off-by in place of Reviewed-by,
though it causes some confusion for people new to the project,
attempting to track provenance when either extracting code or using
submodules with other projects that use the usual conventions, or
scripts providing repository analytics.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 835 bytes
Desc: not available
URL: <http://lists.mpich.org/pipermail/devel/attachments/20140106/844fb8c8/attachment.pgp>

More information about the devel mailing list