[codex] Check pull request DCO sign-offs#19
Merged
Conversation
Check every pull request commit for a Signed-off-by trailer with the native Git trailer parser. Report each unsigned commit so missing DCO certification is caught by CI before review. Signed-off-by: Nirmoy Das <nirmoyd@nvidia.com>
arighi
approved these changes
Jul 1, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Signed-off-bytrailerWhy
PR #16 required a manual review comment to catch a missing sign-off even though
CONTRIBUTING.mdrequires one on every commit. This adds the corresponding CI check without introducing another third-party action.The job keeps
contents: read, does not persist checkout credentials, and passes GitHub-provided SHAs through environment variables instead of interpolating pull-request metadata into shell source.Validation
c99fd512aae436e926ff4d42be8486d8f51f48cb883d4d204577a48ea66e39940decf1cfa0c1d167go run github.com/rhysd/actionlint/cmd/actionlint@latest .github/workflows/ci.ymlcargo +stable fmt --all -- --checkcargo +stable test --all-targets --locked(308 passed)