The docs for submitting a patch describe using your "Legal Name" with the Signed-off-by line. In recent times, there's been a general push back[1] against the notion that use of Signed-off-by in a project automatically requires / implies the use of legal ("real") names and greater awareness of the downsides. Full discussion of the problems of such policies is beyond the scope of this commit message, but at a high level they are liable to marginalize, disadvantage, and potentially result in harm, to contributors. TL;DR: there are compelling reasons for a person to choose distinct identities in different contexts & a decision to override that choice should not be taken lightly. A number of key projects have responded to the issues raised by making it clear that a contributor is free to determine the identity used in SoB lines: * Linux has clarified[2] that they merely expect use of the contributor's "known identity", removing the previous explicit rejection of pseudonyms. * CNCF has clarified[3] that the real name is simply the identity the contributor chooses to use in the context of the community and does not have to be a legal name, nor birth name, nor appear on any government ID. Since we have no intention of ever routinely checking any form of ID documents for contributors[4], realistically we have no way of knowing anything about the name they are using, except through chance, or through the contributor volunteering the information. IOW, we almost certainly already have people using pseudonyms for contributions. This proposes to accept that reality and eliminate unnecessary friction, by following Linux & the CNCF in merely asking that a contributors' commonly known identity, of their choosing, be used with the SoB line. [1] Raised in many contexts at many times, but a decent overall summary can be read at https://drewdevault.com/2023/10/31/On-real-names.html [2] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d4563201f33a022fc0353033d9dfeb1606a88330 [3] https://github.com/cncf/foundation/blob/659fd32c86dc/dco-guidelines.md [4] Excluding the rare GPG key signing parties for regular maintainers Signed-off-by: Daniel P. Berrangé <berrange@xxxxxxxxxx> --- docs/governance.rst | 6 +++--- docs/hacking.rst | 9 ++++++--- 2 files changed, 9 insertions(+), 6 deletions(-) diff --git a/docs/governance.rst b/docs/governance.rst index 44dd54d4a0..04bb739237 100644 --- a/docs/governance.rst +++ b/docs/governance.rst @@ -112,9 +112,9 @@ There are no special requirements to becoming a contributor other than having the interest and ability to provide a contribution. The libvirt project **does not require** any *"Contributor License Agreement"* to be signed prior to engagement with the community. However for contributing patches, providing a -'Signed-off-by' line with the author's legal name and e-mail address to -demonstrate agreement and compliance with the `Developer Certificate of -Origin <https://developercertificate.org/>`__ is required. +'Signed-off-by' line with the author's chosen name and e-mail address to +demonstrate agreement and compliance with the `Developer Certificate +of Origin <hacking.html#developer-certificate-of-origin>`__ is required. In making a non-patch contribution to the project, the community member is implicitly stating that they accept the terms of the license under which the diff --git a/docs/hacking.rst b/docs/hacking.rst index c2e79e4501..825b8b83d2 100644 --- a/docs/hacking.rst +++ b/docs/hacking.rst @@ -83,9 +83,12 @@ Contributors to libvirt projects **must** assert that they are in compliance with the `Developer Certificate of Origin 1.1 <https://developercertificate.org/>`__. This is achieved by adding a "Signed-off-by" line containing the contributor's name -and e-mail to every commit message. The presence of this line -attests that the contributor has read the above lined DCO and -agrees with its statements. +and e-mail to every commit message. The name should be the identity +the contributor has chosen to be known as in the context of the +community. It does not need to be a legal name, nor match any +formal ID documents, but should not be anonymous, nor misrepresent +who you are. The presence of this line attests that the contributor +has read the above linked DCO and agrees with its statements. Further reading =============== -- 2.46.0