For copyright entitlement attribution by author tag or Co-authored-by tag should suffice. (possibly augmented by a copyright line in the file header).
Committer identity (in Git by digital signatures) matters if you require 'an audit trail / forensic evidence'. So it only really starts mattering when in a dark place already, but that's how most deterrents work and plenty of those in the world. (not an argument to start doing that, just a response to Justin) On Tue, Nov 8, 2022 at 9:51 AM Matthew Benedict de Detrich <[email protected]> wrote: > Right this I understand, when I said "precise" traceability I was talking > about precise tracking via git commit's which is not necessarily the same > thing as knowing who wrote which code (this was in context of github > creating its own commits because we do a rebase via the github UI). With > this example of Github UI, in such a case it's still very clear who wrote > the code but it doesn't perfectly align with the "traditional git way". > > On Tue, Nov 8, 2022 at 9:36 AM Justin Mclean <[email protected]> > wrote: > > > Hi, > > > > > Precise traceability of who wrote which exact portions code isn't of > any > > > critical importance in open source projects, authorship is. > > > > > > IMO, who wrote the code determines who owns it (them or their employer), > > and that impacts how it can be licensed and if that can be contributed to > > an ASF project. This is critical, even if it rarely an issue. > > > > Kind Regards, > > Justin > > > > -- > > Matthew de Detrich > > *Aiven Deutschland GmbH* > > Immanuelkirchstraße 26, 10405 Berlin > > Amtsgericht Charlottenburg, HRB 209739 B > > Geschäftsführer: Oskari Saarenmaa & Hannu Valtonen > > *m:* +491603708037 > > *w:* aiven.io *e:* [email protected] >
