Hi!
As most of you know, we've been using the "Signed-off-by: <name>
<email>" line in out commit messages more and more lately to indicate
who reviewed some change.
We've recently had an event in which one of these Signed-off-by lines
showed up with someone's name who didn't consider themselves to have
signed-off on the change. This is akin to saying someone gave a +1 for
some change when they did not. As an RTC community, that's worrisome.
I went reading the HBase book and was surprised to not find guidance on
how we expect this to work, so I'd like to have some discussion about
how we should treat these lines. I'll start this off by making
suggestions about what seems reasonable to me.
When a committer is applying some change in a commit:
* All individuals mentioned in a sign-off *must* be capable of giving a
binding vote (i.e. they are an HBase committer)
* Any individual in a sign-off *must* have given approval via an
explicit "+1" or the "Approved" via the Github Pull Request review function.
* Approval *must* be publicly visible and memorialized on the code
review (e.g. no private emails or chat message to give approval)
* The committer _should_ (not *must*) create a sign-off line for each
binding reviewer who gave approval
I think these are generally how we have been operating, but it would be
good to make sure they are documented as such.
Thoughts/concerns?
- Josh
