[antlr-interest] pull requests at github

Kyle Ferrio kferrio at gmail.com
Wed Jul 11 15:48:58 PDT 2012 

Ter & Kirby,

I like simple [1], and when simple is not-so-simple I like to shift the
burden off people like me because I know how attentive I am to bookkeeping
when I'm in the flow.

As I understand git's signoff feature [2], it applies a non-repudiatable
stamp.  That's a good feature and speaks to Ter's "contributor hashcode"
concept.  So if the signoff also  -- and this is key -- includes or
encapsulates (e.g. with a message digest) teh agreement or the
version-number of the agreement [3] then I think we're golden.

[1] hat-tip to Oliver aka Dr. Simple.
[2] which is to say, not at all.
[3] It would be a mistake to assume the agreement will never evolve.

Kyle


On Wed, Jul 11, 2012 at 3:30 PM, Kirby Bohling <kirby.bohling at gmail.com>wrote:

> I'm not sure if this workflow will work for you.  As I understand it, git
> includes the "--signoff" feature.  I'm not sure I understand all the
> details, but I know it is essentially to help facilitate that everything
> was done in good faith, and there is a provenance review of all code going
> into the Linux kernel.  It might be worth investigating if that can be used
> as a template for implementation, or piggy backed upon directly.
>
>
> http://stackoverflow.com/questions/1962094/what-is-the-sign-off-feature-in-git-for
>
> Kirby
>
>
>
>
> On Wed, Jul 11, 2012 at 5:25 PM, Terence Parr <parrt at cs.usfca.edu> wrote:
>
>> Hi Kyle,
>>
>> interesting. so, in the commit message, they would have a link or
>> something to a certificate of origin.  Maybe once they've made the commit,
>> they can go to the ANTLR site and submit the commit hash to a website where
>> they can click "I give the rights etc." which gives them another SHA1 hash
>> or something that combines their user information with the commit hash.
>> They can then add this to their commit message or perhaps simply in the
>> pull request instead of the commit.
>>
>> Maybe I should just create a hash for each new contributor, that sort of
>> like their current generator ID. Then, they can simply include this in
>> their pull request and I can check against my ID list.
>>
>> Ter
>>
>> On Jul 11, 2012, at 2:20 PM, Kyle Ferrio wrote:
>>
>> > It would be nice to have a permanent, easily auditable yet unobtrusive
>> > record of contributor testimony.  There is such a mechanism: the commit
>> > log.  It would be easy for any GitHub user to include a link to the
>> contrib
>> > agreement in a commit message on his branch before calling for a pull.
>> > Ideally this would be done with a standardized meta-tag to make it easy
>> for
>> > the person (or machine) accepting the pull request.
>> >
>> > I agree that it would be great if GitHub would add this to the pull
>> request
>> > itself.
>> >
>> > Kyle
>> > On Jul 11, 2012 1:25 PM, "Terence Parr" <parrt at cs.usfca.edu> wrote:
>> >
>> >> Usually, these pull requests are one offs so a click wrap license
>> would be
>> >> ideal. Those that continue to contribute,  could sign the full meal
>> deal.
>> >>
>> >> Hmm…yeah, maybe you're right. we need a page that covers all pull
>> requests
>> >> from a particular account.
>> >>
>> >> it would be nice to have a link or text in each committed pull request
>> to
>> >> show the certificate of origin. Any ideas there?
>> >>
>> >> Ter
>> >> On Jul 11, 2012, at 1:13 PM, Sam Harwell wrote:
>> >>
>> >>> Generally, you'd have someone send you a signed consent form, separate
>> >> from
>> >>> the pull request itself, that covers "pull requests sent to the ANTLR
>> >>> project from account ____" owned by that person. If you get a pull
>> >> request
>> >>> from someone who doesn't already have that agreement in place, send
>> them
>> >> a
>> >>> message that you need the consent form before being able to consider
>> the
>> >>> request.
>> >>>
>> >>> --
>> >>> Sam Harwell
>> >>> Owner, Lead Developer
>> >>> http://tunnelvisionlabs.com
>> >>>
>> >>> -----Original Message-----
>> >>> From: Terence Parr [mailto:parrt at cs.usfca.edu]
>> >>> Sent: Wednesday, July 11, 2012 3:05 PM
>> >>> To: ANTLR interest
>> >>> Subject: [antlr-interest] pull requests at github
>> >>>
>> >>> Howdy,
>> >>>
>> >>> people are now submitting nice pull request to the ANTLR project
>> >> software,
>> >>> but I have to keep the license clean. That's why I used to accept
>> things
>> >>> through the feedback page:
>> >>>
>> >>> http://www.antlr.org/misc/feedback
>> >>>
>> >>> or with the contributors license agreement. I submitted a feature
>> >> request to
>> >>> github to add such a license granting clause to the pull requests.
>> they
>> >> like
>> >>> the idea, but I haven't heard back about implementation.
>> >>>
>> >>> What if we set up a webpage similar to the feedback page (current text
>> >>> enclosed at the bottom) with a text box where people can submit a URL
>> to
>> >> a
>> >>> pull request, certifying the origin of the material in that pull
>> request.
>> >>> The name/username/email etc. would have to match.very messy.
>> >>>
>> >>> As a result of the certificate of origin, I could automatically post a
>> >>> comment to the pull request so that it somehow links the certificate.
>> >>>
>> >>> Does anybody have any process or legal advice?
>> >>>
>> >>> Ter
>> >>>
>> >>> Submission certification of origin and rights
>> >>>
>> >>> By hitting the submit button, you are warranting and representing that
>> >> you
>> >>> have the right to release this code or other content free of any
>> >> obligations
>> >>> to third parties and are granting Terence Parr and ANTLR project
>> >>> contributors, henceforth referred to as The ANTLR Project, a license
>> to
>> >>> incorporate it into The ANTLR Project tools (such as ANTLRWorks and
>> >>> StringTemplate) or related works under the BSD license. (For large new
>> >> code
>> >>> submissions or major new functionality, The ANTLR Project will ask
>> you to
>> >>> become an official ANTLR project contributor). You understand that The
>> >> ANTLR
>> >>> Project may or may not incorporate your submission and you warrant and
>> >>> represent the following:
>> >>> I created this submission. I am the author of all contributed work
>> >> submitted
>> >>> and further warrant and represent that such work is my original
>> creation
>> >> and
>> >>> I have the right to license it to The ANTLR Project for release under
>> the
>> >>> BSD license. I hereby grant The ANTLR Project a nonexclusive,
>> >> irrevocable,
>> >>> royalty-free, worldwide license to reproduce, distribute, prepare
>> >> derivative
>> >>> works, and otherwise use this contribution as part of the ANTLR
>> project,
>> >>> associated documentation, books, and tools at no cost to The ANTLR
>> >> Project.
>> >>> I have the right to submit. This submission does not violate the
>> rights
>> >> of
>> >>> any person or entity and that I have legal authority over this
>> submission
>> >>> and to make this certification.
>> >>> If I violate another's rights, liability lies with me. I agree to
>> defend,
>> >>> indemnify, and hold The ANTLR Project and ANTLR users harmless from
>> any
>> >>> claim or demand, including reasonable attorney fees, made by any third
>> >> party
>> >>> due to or arising out of my violation of these terms and conditions
>> or my
>> >>> violation of the rights of another person or entity.
>> >>> I have read this and do so certify
>> >>>
>> >>> List: http://www.antlr.org/mailman/listinfo/antlr-interest
>> >>> Unsubscribe:
>> >>>
>> http://www.antlr.org/mailman/options/antlr-interest/your-email-address
>> >>>
>> >>
>> >>
>> >> List: http://www.antlr.org/mailman/listinfo/antlr-interest
>> >> Unsubscribe:
>> >> http://www.antlr.org/mailman/options/antlr-interest/your-email-address
>> >>
>> >
>> > List: http://www.antlr.org/mailman/listinfo/antlr-interest
>> > Unsubscribe:
>> http://www.antlr.org/mailman/options/antlr-interest/your-email-address
>>
>>
>> List: http://www.antlr.org/mailman/listinfo/antlr-interest
>> Unsubscribe:
>> http://www.antlr.org/mailman/options/antlr-interest/your-email-address
>>
>
>

More information about the antlr-interest mailing list