Iroha Release Request: Discussion related to DCO and sign-off setbacks

Sara Garifullina <garifullina@...>

Dear TSC Members,

Is there any issue with DCO at all right now? We are not yet sure if this is actually an issue in our codebase. We made this assumption based solely on Hyperledger Chapter, section 13: "All contributions shall be accompanied by a Developer Certificate of Origin sign-off ( that is submitted through a Governing Board and LF-approved contribution process". 

Nikolai is going to check with Silona Bonewald if there is a document or reference in LF or Hyperledger that clearly states that git sign-off (-s) option is the only approved option to submit a contribution with DCO. A quick review of this whole story: before 2018 our project used CLA hub tool:, which requested any new member to submit their agreement explicitly for their first pull request. This was a required check, but something suddenly changed in 2018 (if I remember correctly) and Linux Foundation IT team requested us to use -s option instead of introduction of DCO bot in CI pipeline. DCO bot, an example of one of the bot's checks:; so that each contribution in GitHub is checked by this bot now. 

Nikolai cannot find any discussion related to this decision and would be happy to find out how this happened. As you can see from meeting agenda during the TSC call when Iroha progressed from Incubation to Active state, Makoto told that the project is going to use CLA hub tool, so TSC members should've been informed about that:

If there is an issue with DCO — should we modify Git commit history? Nikolai's personal opinion is not exactly — we must not modify who did what (commit authors should remain unchanged) and thus squash of all old commits is not an option; but if the correction is required for 1.0 codebase one of our maintainers will go over each of 7k commits and add a sign-off message (which results in change of committer — authors will remain unchanged).

Join to automatically receive all group messages.