Re: [DISCUSS] Automated DCO enforcement via bot

Misha Brukman <mbru...@...>

The policy is encoded in the JanusGraph project charter; see section 8 "Intellectual property policy", part (b):
  • paragraph (i) requires a CLA
  • paragraph (ii) requires DCO sign-off in addition┬áto the CLA

On Sun, Sep 23, 2018 at 7:56 AM, Jason Plurad <plu...@...> wrote:
Are both the CLA and DCO required for Linux Foundation contributors? It'd be a lot easier if we only needed one or the other.

On Saturday, September 22, 2018 at 9:47:44 PM UTC-4, Misha Brukman wrote:
Hi all,

Right now, the only bot-automated enforcement is the CLA signature, but not the Developer Certificate of Origin, which is a requirement of The Linux Foundation. This is a bit of a pain to do manually, and I haven't had time to add it to the CLA verification tool we're using.

I noticed some CNCF repos are using this bot:
to do the enforcement automatically, and I (inadvertently) tested it as I didn't realize one of the repos had a DCO requirement, and it worked flawlessly!

What are your thoughts on adding it to the JanusGraph repos? This means it'll be a blocker to PR submission, just like failing Travis CI.

This should have no functional change, since everyone should be signing those commits already; this will just enforce it automatically so it doesn't have to be checked by a human.


You received this message because you are subscribed to the Google Groups "JanusGraph developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email to
To post to this group, send email to
To view this discussion on the web visit
For more options, visit

Join to automatically receive all group messages.