lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20181214172843.GA18703@himanshu-Vostro-3559>
Date:   Fri, 14 Dec 2018 22:58:43 +0530
From:   Himanshu Jha <himanshujha199640@...il.com>
To:     Joe Perches <joe@...ches.com>
Cc:     Jorge Ramirez-Ortiz <jorge.ramirez-ortiz@...aro.org>,
        apw@...onical.com, Andrew Morton <akpm@...ux-foundation.org>,
        Greg KH <gregkh@...uxfoundation.org>,
        linux-kernel@...r.kernel.org, niklas.cassel@...aro.org
Subject: Re: [PATCH] checkpatch: add Co-Developed-by to signature tags

On Fri, Dec 14, 2018 at 08:27:33AM -0800, Joe Perches wrote:
> On Fri, 2018-12-14 at 21:46 +0530, Himanshu Jha wrote:
> > On Fri, Dec 14, 2018 at 07:52:15AM -0800, Joe Perches wrote:
> > > On Fri, 2018-12-14 at 14:01 +0100, Jorge Ramirez-Ortiz wrote:
> > > > As per Documentation/process/submitting-patches, Co-developed-by is a
> > > > valid signature.
> > > > 
> > > > This commit removes the warning.
> > > 
> > > Your commit message doesn't match your subject.
> > > 
> > > A couple variants have been documented and only
> > > one should actually be used.
> > > 
> > > $ git grep -i co-developed-by Documentation/process/
> > > Documentation/process/5.Posting.rst: - Co-developed-by: states that the patch was also created by another developer
> > > Documentation/process/submitting-patches.rst:12) When to use Acked-by:, Cc:, and Co-Developed-by:
> > > Documentation/process/submitting-patches.rst:A Co-Developed-by: states that the patch was also created by another developer
> > > 
> > > $ git log --grep="co-developed-by:" -i | \
> > >   grep -ohiP "co-developed-by:" | sort | uniq -c | sort -rn
> > >      80 Co-developed-by:
> > >      40 Co-Developed-by:
> > > 
> > > So which should it be?
> > > 
> > > btw: I prefer neither as I think Signed-off-by: is sufficient.
> > 
> > OK, but does multiple Signed-off-by: in the commits imply that
> > the patch was created by all those developers ?
> > 
> > I don't think so, perhaps this was the reason to introduce
> > Co-developed-by: tag.
> 
> Perhaps, but a sign-off is also a recognition that the
> patch was passed-through by individuals

Yes, Agreed!

> Effectively, there's no real difference.
> 
> "Co-developed-by:" is just another word for "Authored-by:"
> where multiple "Authorship" is the thing being notated.
> 
> Is it really important to specify things like 75% / 25%
> authorship crediting?

IDK how that ratio came up into this discussion ?

Anyway, I saw on IIO list that a bunch of students were involved
in driver cleaning with the help of developers from Analog Devices
Inc who intially wrote some code snippets.

And that authorship crediting for Analog Devices folks would be
helpful distinguishing that it was not just passed-through and rather
they spent their time on it.

> I don't really care about attribution so the concept is
> not particularly valuable to me.

Well, it might not be valuable to you but it is for others and I saw
one such example in the past during my project.

At least I do care about those developers who spent a considerable
time on IIO list guiding students aside from their mainline work.


FYI, IIO has already +1'd for "Co-developed-by:"

-- 
Himanshu Jha
Undergraduate Student
Department of Electronics & Communication
Guru Tegh Bahadur Institute of Technology

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ