Enforce "Developer Certificates of Origin" on all contributions
AKA: As a project owner I want a predefined push rule to not allow commits that were not signed-off so the contributors has a better validation error when they do not comply with the rule
The implementation could like the following:
Current solution
Currently this is possible by using a regex Signed-off-by:.+<.+@.+>
Actions to take here
- Add a new checkbox in the "Push rules" section to "Reject commits that aren't signed-off"
- When this setting is enabled, ensure the web-based commit interface clearly shows that the user accepts the DCO
- When this setting is enabled, ensure the
Signed-off-by
Git trailer is added to the web-based commit
References: &8456 (comment 1040180285)
Release notes
The Developer Certificate of Origin (DCO) is a per-commit sign-off made by a contributor stating that they have the right to submit the code to the project. By signing off, they agree to the terms published at https://developercertificate.org for that particular contribution.
Now, you can easily enforce this Developer Certificate via a per-project setting. When enabled, all new commits must include such a certificate of origin in form of a line in the commit message "signed-off-by".