community-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Owen O'Malley" <owen.omal...@gmail.com>
Subject Re: Apache Project Maturity Model - CD50 - Commit Messages & Git
Date Mon, 04 Sep 2017 16:01:29 GMT
Actually, I'm not sure what the problem is with the original text. For my
projects, I use the commit from the pull request, but I amend it with:

* "Fixes #999" - so that the Apache to github automation closes the pull
request
* Sign the commit with:
   * Signed-off-by in the commit message (via -s)
   * GnuPG sign the commit (via -S)
* Ensure the Apache jira id is in the commit message
* Squash it to a single commit

That does mean the commit gets a new hash, but it preserves both the
contributor's id and ensure the provenance of each commit. I would argue
that this approach is far stronger than CD50 requires.

.. Owen

On Mon, Sep 4, 2017 at 5:17 AM, Bertrand Delacretaz <bdelacretaz@apache.org>
wrote:

> Hi John,
>
> On Mon, Aug 28, 2017 at 3:24 AM, John D. Ament <johndament@apache.org>
> wrote:
> > ...I'm wondering is there a way to restate this, to make it work when
> using
> > pull requests?...
>
> The current text is "when third-party contributions are committed,
> commit messages provide reliable information about the code
> provenance".
>
> Would "commit messages or similar mechanisms" work for you, or do you
> have a better suggestion?
>
> -Bertrand
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@community.apache.org
> For additional commands, e-mail: dev-help@community.apache.org
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message