Developer Certificate of Origin - kaikokeke/kaikokeke GitHub Wiki

TOC

What is DCO?

The Developer Certificate of Origin (DCO) is a lightweight way for contributors to certify that they wrote or otherwise have the right to submit the code they are contributing to the project.

By making a contribution to this project, I certify that:

(a) The contribution was created in whole or in part by me and I
    have the right to submit it under the open source license
    indicated in the file; or

(b) The contribution is based upon previous work that, to the best
    of my knowledge, is covered under an appropriate open source
    license and I have the right under that license to submit that
    work with modifications, whether created in whole or in part
    by me, under the same open source license (unless I am
    permitted to submit under a different license), as indicated
    in the file; or

(c) The contribution was provided directly to me by some other
    person who certified (a), (b) or (c) and I have not modified
    it.

(d) I understand and agree that this project and the contribution
    are public and that a record of the contribution (including all
    personal information I submit with it, including my sign-off) is
    maintained indefinitely and may be redistributed consistent with
    this project or the open source license(s) involved.

Contributors to the Kaikokeke project sign-off that they adhere to these requirements by adding a Signed-off-by line to commit messages. We use commitlint to ensures that all commits are signed by the contributor, and Probot: DCO to check whether or not commits in a Pull Request do not contain a valid Signed-off-by line.

:warning: Warning: If you don't want to expose your private email in the commit information, you can use the noreply email adress provided by Github.

How to add sign-off

This manual should help you to add the required Signed-off-by: Your Name <[email protected]> to your commits in the pull request.

Commitizen

The preconfigured commitizen commit script signs the commit by default:

$ yarn commit
$ cz -s

This is the easiest and recommended way to make changes to the repository, without any additional configuration or actions.

Safe plain-vanilla

You can always manually sign your commit messages.

$ git commit

docs(kaikokeke): update README

Signed-off-by: Your Name <[email protected]>

Git even has a -s or --signoff command line option to append this automatically to your commit message:

$ git commit -s -m 'docs(kaikokeke): update README'

Github UI

If you are using online editing in Google Chrome or Firefox you can use the dco-gh-ui Extension

How to add sign-offs retroactively

Amend single commit

If there is only a single commit in your pull request, adding the signature is as simple as:

git commit --amend --no-edit --signoff
git push -f origin <your branch here>

You can always squash several commits together.

Rebase

If there is more than one commit in your pull request and your git client is modern enough (2.13+), rebase the required number of commits with --signoff:

git rebase --signoff HEAD^^

Write ^ as many times as there are commits in your pull request. Then, force push:

git push -f origin <your branch here>

Interactive rebase

If there is more than one commit in your pull request and your git is older than 2.13, you can do an interactive rebase with message editing:

git rebase -i HEAD^^

Write ^ as many times as there are commits in your pull request. A text will open; ensure that there are only your recent commits listed there. Otherwise, exit the file and repeat the rebase command with the correct number of ^.

Now, mark all the commits with "reword" or "r". The rebase process will stop at each of your commits.

Execute as many times as you are asked to:

git commit --amend --no-edit --signoff
git rebase --continue

Then, force push:

git push -f origin <your branch here>