Re: SubmittingPatches: drop temporal reference for PGP signing

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



From: "Junio C Hamano" <gitster@xxxxxxxxx>
Cornelius Weig <cornelius.weig@xxxxxxxxxxx> writes:

How about something along these lines? Does the forward reference
break the main line of thought too severly?

I find it a bit distracting for those who know PGP signing has
nothing to do with signing off your patch, but I think that is OK
because they are not the primary target audience of this part of the
document.

Agreed. I this case the target audience was those weren't aware of that.

I however am more worried that it may be misleading to mention these
two in the same sentence.  Those who skim these paragraphs without
knowing the difference between the two may get a false impression
that these two may somehow be related because they are mentioned in
the same sentence.

The retitling of section (5) you did, without any other change,
might be sufficient.  It may also help to be even more explicit in
the updated title, i.e. s/by signing off/by adding Signed-off-by:/

Maybe even s/by signing off/by adding your Signed-off-by:/ to be sure that the reader knows that it is _their certification_ that is being sought. Even if it does double up on the 'your'.


Thanks.

diff --git a/Documentation/SubmittingPatches b/Documentation/SubmittingPatches
index 08352de..c2b0cbe 100644
--- a/Documentation/SubmittingPatches
+++ b/Documentation/SubmittingPatches
@@ -216,12 +216,12 @@ that it will be postponed.
 Exception:  If your mailer is mangling patches then someone may ask
 you to re-send them using MIME, that is OK.

-Do not PGP sign your patch, at least for now.  Most likely, your
-maintainer or other people on the list would not have your PGP
-key and would not bother obtaining it anyway.  Your patch is not
-judged by who you are; a good patch from an unknown origin has a
-far better chance of being accepted than a patch from a known,
-respected origin that is done poorly or does incorrect things.
+Do not PGP sign your patch, but do sign-off your work as explained in (5). +Most likely, your maintainer or other people on the list would not have your +PGP key and would not bother obtaining it anyway. Your patch is not judged by +who you are; a good patch from an unknown origin has a far better chance of +being accepted than a patch from a known, respected origin that is done poorly
+or does incorrect things.

 If you really really really really want to do a PGP signed
 patch, format it as "multipart/signed", not a text/plain message
@@ -246,7 +246,7 @@ patch.
      *2* The mailing list: git@xxxxxxxxxxxxxxx


-(5) Sign your work
+(5) Certify your work by signing off

 To improve tracking of who did what, we've borrowed the
 "sign-off" procedure from the Linux kernel project on patches





[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]