On 2018-02-07 23:43:44, Ard Biesheuvel wrote: > On 8 February 2018 at 01:35, Laszlo Ersek <ler...@redhat.com> wrote: > > On 02/08/18 00:48, Kinney, Michael D wrote: > >> Laszlo, > >> > >> The BmpSupportLib content was from contributions from > >> a capsule related branch. However, the BmpSupportLib > >> can be used for UX capsules as well as other places that > >> conversions between BMP and GOP BLT buffers are needed, > >> so it is a more generic feature. The SafeIntLib was also > >> based on content from the same capsule related branch but > >> also has uses other than capsules. > >> > >> Yes. I need to add Signed-off-by for Sean. > > I will note once again that our signed off by deviates from other > usage in the industry. > > Usually, a sign off is not an assertion of authorship. It means that > the submitter is able to submit the code under the license that covers > it. > > In our case, it means authorship,
>From "TianoCore Contribution Agreement 1.1": "You" or "Contributor" shall mean the copyright owner or legal entity authorized by the copyright owner that is making a Contribution hereunder. For reference, the kernel DCO: https://www.kernel.org/doc/html/latest/process/submitting-patches.html#developer-s-certificate-of-origin-1-1 Maybe the kernel does make it clearer in some ways, but I don't think it has to be the actual author for EDK II. One argument for following the kernel process might be that more people that work on open source are familiar with it. > which is why we as > reviewers/maintainers add 'reviewed-by' not 'signed-off-by' like we do > in the linux kernel. Maybe this is more about the fact that sub-systems don't do pull requests in EDK II, but just push the changes directly? > So what if I want to merge code that is available under a suitable > license, but the author is not available to give his sign off, or > there are many (hundreds) of authors etc etc? The whole point of open > source licensing is that we don't *need* the explicit sign off of the > authors, because the license tells us what we can and cannot do with > the code. > > I guess this is also related to the DCO vs contributed-under tags, but > in general, I think adding the sign off of people who are not involved > in the actual upstreaming of the code is wrong, and it is perfectly > fine for the author not to be in a s-o-b line. It does seem like it would be preferable (or simpler?) for the author to publicly note that they wrote it and give their Signed-off-by under the contribution agreement. Given the wording from the contribution agreement, it appears that it would also be fine to just use Mike's Signed-off-by if he is authorized to contribute the code even though he didn't author it. -Jordan _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
