incubator-callback-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Filip Maj <...@adobe.com>
Subject Re: cordova git repos at apache - shadowed at github
Date Sat, 14 Jan 2012 00:48:11 GMT
Awesome, thanks a lot for your help Jukka.

On 12-01-13 4:44 PM, "Jukka Zitting" <jukka.zitting@gmail.com> wrote:

>Hi,
>
>On Fri, Jan 13, 2012 at 11:00 PM, Filip Maj <fil@adobe.com> wrote:
>> Yeah, add remote locally on your machine, pull in the changes, test it
>>out
>> locally. I assume checking CLA stuff is done by hand (as we have done
>>all
>> along anyways). Once you have it merged in locally you can easily push
>>it
>> up to the git apache repo. Theoretically that then will eventually get
>> mirrored back over to github.com/apache (and hopefully auto-close the
>>pull
>> request, too).
>
>Right. The pull requests on Github should get automatically closed as
>soon as the relevant commits hit the target repository. The only
>missing piece is the nice "Merge pull request" button that the Github
>UI provides, but with some effort I suppose we should be able to come
>up with something similar.
>
>>>Also, is all the author/committer stuff maintained properly in the
>>>commit?
>>> Are there some commit hooks to ensure the committer is really a
>>>committer,
>>>and that the author has signed the ICLA?  Guessing we'll have to do the
>>>ICLA check by hand.  But it would be nice to know that the info is
>>>maintained in the repo.
>>
>> Maybe Jukka knows the answer to this?
>
>The authentication when you use your committer account to push stuff
>to git-wip-us is tied to the ICLA you submitted, and that link is then
>internally associated with all Git commits that you push. From the ASF
>perspective that's enough legal audit trail as long as each committer
>is trusted to only push changes that they can contribute under the
>ICLA. (BTW, the lack of such a reliable commit >ICLA audit link is one
>of the key reasons why the ASF can't use Github as the canonical place
>for our repositories.)
>
>Normally when dealing with pull requests from contributors, there's no
>need for extra checks as section 5 of ALv2 [1] already covers
>licensing of intentionally submitted contributions. Thus no extra
>checks are needed when someone actively sends us a patch, a pull
>request or other contribution clearly intended for inclusion in Apache
>Cordova (and it's reasonable to expect that the contributor has the
>right to make such a contribution).
>
>The situation is a bit different when size of the contribution is
>significant (like an entire new component) or when the author of the
>code hasn't intentionally contributed it to us (like the third party
>files mentioned in the thread on NOTICE files). For dealing with such
>cases see the Incubator and the main Apache web sites (or ask us
>mentors).
>
>[1] http://www.apache.org/licenses/LICENSE-2.0
>
>BR,
>
>Jukka Zitting


Mime
View raw message