Message ID | 20241021190939.1482466-1-berrange@redhat.com (mailing list archive) |
---|---|
State | New |
Headers | show |
Series | docs: explicitly permit a "commonly known identity" with SoB | expand |
On 10/21/24 12:09, Daniel P. Berrangé wrote: > The docs for submitting a patch describe using your "Real Name" with > the Signed-off-by line. Although somewhat ambiguous, this has often > been interpreted to mean someone's legal name. > > In recent times, there's been a general push back[1] against the notion > that use of Signed-off-by in a project automatically requires / implies > the use of legal ("real") names and greater awareness of the downsides. > > Full discussion of the problems of such policies is beyond the scope of > this commit message, but at a high level they are liable to marginalize, > disadvantage, and potentially result in harm, to contributors. > > TL;DR: there are compelling reasons for a person to choose distinct > identities in different contexts & a decision to override that choice > should not be taken lightly. > > A number of key projects have responded to the issues raised by making > it clear that a contributor is free to determine the identity used in > SoB lines: > > * Linux has clarified[2] that they merely expect use of the > contributor's "known identity", removing the previous explicit > rejection of pseudonyms. > > * CNCF has clarified[3] that the real name is simply the identity > the contributor chooses to use in the context of the community > and does not have to be a legal name, nor birth name, nor appear > on any government ID. > > Since we have no intention of ever routinely checking any form of ID > documents for contributors[4], realistically we have no way of knowing > anything about the name they are using, except through chance, or > through the contributor volunteering the information. IOW, we almost > certainly already have people using pseudonyms for contributions. > > This proposes to accept that reality and eliminate unnecessary friction, > by following Linux & the CNCF in merely asking that a contributors' > commonly known identity, of their choosing, be used with the SoB line. > > [1] Raised in many contexts at many times, but a decent overall summary > can be read at https://drewdevault.com/2023/10/31/On-real-names.html > [2] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d4563201f33a022fc0353033d9dfeb1606a88330 > [3] https://github.com/cncf/foundation/blob/659fd32c86dc/dco-guidelines.md > [4] Excluding the rare GPG key signing parties for regular maintainers > > Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> > --- > .gitlab-ci.d/check-dco.py | 5 ++++- > docs/devel/submitting-a-patch.rst | 7 ++++++- > 2 files changed, 10 insertions(+), 2 deletions(-) Acked-by: Richard Henderson <richard.henderson@linaro.org> r~
On 21/10/24 16:09, Daniel P. Berrangé wrote: > The docs for submitting a patch describe using your "Real Name" with > the Signed-off-by line. Although somewhat ambiguous, this has often > been interpreted to mean someone's legal name. > > In recent times, there's been a general push back[1] against the notion > that use of Signed-off-by in a project automatically requires / implies > the use of legal ("real") names and greater awareness of the downsides. > > Full discussion of the problems of such policies is beyond the scope of > this commit message, but at a high level they are liable to marginalize, > disadvantage, and potentially result in harm, to contributors. > > TL;DR: there are compelling reasons for a person to choose distinct > identities in different contexts & a decision to override that choice > should not be taken lightly. > > A number of key projects have responded to the issues raised by making > it clear that a contributor is free to determine the identity used in > SoB lines: > > * Linux has clarified[2] that they merely expect use of the > contributor's "known identity", removing the previous explicit > rejection of pseudonyms. > > * CNCF has clarified[3] that the real name is simply the identity > the contributor chooses to use in the context of the community > and does not have to be a legal name, nor birth name, nor appear > on any government ID. > > Since we have no intention of ever routinely checking any form of ID > documents for contributors[4], realistically we have no way of knowing > anything about the name they are using, except through chance, or > through the contributor volunteering the information. IOW, we almost > certainly already have people using pseudonyms for contributions. > > This proposes to accept that reality and eliminate unnecessary friction, > by following Linux & the CNCF in merely asking that a contributors' > commonly known identity, of their choosing, be used with the SoB line. > > [1] Raised in many contexts at many times, but a decent overall summary > can be read at https://drewdevault.com/2023/10/31/On-real-names.html > [2] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d4563201f33a022fc0353033d9dfeb1606a88330 > [3] https://github.com/cncf/foundation/blob/659fd32c86dc/dco-guidelines.md > [4] Excluding the rare GPG key signing parties for regular maintainers > > Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> > --- > .gitlab-ci.d/check-dco.py | 5 ++++- > docs/devel/submitting-a-patch.rst | 7 ++++++- > 2 files changed, 10 insertions(+), 2 deletions(-) > +The name used with "Signed-off-by" does not need to be your legal name, > +nor birth name, nor appear on any government ID. It is the identity you > +choose to be known by in the community, but should not be anonymous, > +nor misrepresent whom you are. Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
diff --git a/.gitlab-ci.d/check-dco.py b/.gitlab-ci.d/check-dco.py index 632c8bcce8..6a06afffe5 100755 --- a/.gitlab-ci.d/check-dco.py +++ b/.gitlab-ci.d/check-dco.py @@ -79,7 +79,10 @@ To indicate acceptance of the DCO every commit must have a tag - Signed-off-by: REAL NAME <EMAIL> + Signed-off-by: YOUR NAME <EMAIL> + +where "YOUR NAME" is your commonly known identity in the context +of the community. This can be achieved by passing the "-s" flag to the "git commit" command. diff --git a/docs/devel/submitting-a-patch.rst b/docs/devel/submitting-a-patch.rst index 83e9092b8c..10b062eec2 100644 --- a/docs/devel/submitting-a-patch.rst +++ b/docs/devel/submitting-a-patch.rst @@ -18,7 +18,7 @@ one-shot fix, the bare minimum we ask is that: * - Check - Reason - * - Patches contain Signed-off-by: Real Name <author@email> + * - Patches contain Signed-off-by: Your Name <author@email> - States you are legally able to contribute the code. See :ref:`patch_emails_must_include_a_signed_off_by_line` * - Sent as patch emails to ``qemu-devel@nongnu.org`` - The project uses an email list based workflow. See :ref:`submitting_your_patches` @@ -335,6 +335,11 @@ include a "From:" line in the body of the email (different from your envelope From:) that will give credit to the correct author; but again, that author's Signed-off-by: line is mandatory, with the same spelling. +The name used with "Signed-off-by" does not need to be your legal name, +nor birth name, nor appear on any government ID. It is the identity you +choose to be known by in the community, but should not be anonymous, +nor misrepresent whom you are. + There are various tooling options for automatically adding these tags include using ``git commit -s`` or ``git format-patch -s``. For more information see `SubmittingPatches 1.12
The docs for submitting a patch describe using your "Real Name" with the Signed-off-by line. Although somewhat ambiguous, this has often been interpreted to mean someone's legal name. In recent times, there's been a general push back[1] against the notion that use of Signed-off-by in a project automatically requires / implies the use of legal ("real") names and greater awareness of the downsides. Full discussion of the problems of such policies is beyond the scope of this commit message, but at a high level they are liable to marginalize, disadvantage, and potentially result in harm, to contributors. TL;DR: there are compelling reasons for a person to choose distinct identities in different contexts & a decision to override that choice should not be taken lightly. A number of key projects have responded to the issues raised by making it clear that a contributor is free to determine the identity used in SoB lines: * Linux has clarified[2] that they merely expect use of the contributor's "known identity", removing the previous explicit rejection of pseudonyms. * CNCF has clarified[3] that the real name is simply the identity the contributor chooses to use in the context of the community and does not have to be a legal name, nor birth name, nor appear on any government ID. Since we have no intention of ever routinely checking any form of ID documents for contributors[4], realistically we have no way of knowing anything about the name they are using, except through chance, or through the contributor volunteering the information. IOW, we almost certainly already have people using pseudonyms for contributions. This proposes to accept that reality and eliminate unnecessary friction, by following Linux & the CNCF in merely asking that a contributors' commonly known identity, of their choosing, be used with the SoB line. [1] Raised in many contexts at many times, but a decent overall summary can be read at https://drewdevault.com/2023/10/31/On-real-names.html [2] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d4563201f33a022fc0353033d9dfeb1606a88330 [3] https://github.com/cncf/foundation/blob/659fd32c86dc/dco-guidelines.md [4] Excluding the rare GPG key signing parties for regular maintainers Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- .gitlab-ci.d/check-dco.py | 5 ++++- docs/devel/submitting-a-patch.rst | 7 ++++++- 2 files changed, 10 insertions(+), 2 deletions(-)