-
Notifications
You must be signed in to change notification settings - Fork 1.1k
Contributing Working with DCO
All code submitted to Besu must have a Developer Certificate of Origin (DCO) sign-off. This page covers how to sign off your commits and what to do when the DCO check fails.
For the short version, see DCO.md in the main repository.
Every commit message needs a line like Signed-off-by: Your Legal Name <your-email@address>. You could add it manually each time, but it's easier to automate:
-
Set your legal name in the git configuration:
git config user.name "Legal Name" -
Set your email in the git configuration:
git config user.email "email@address" -
Add
-s(or--signoff) to all yourgit commitinvocations. To avoid typing it every time, add a git alias:git config --global alias.c 'commit --signoff'Then run
git cinstead ofgit commit. Most IDEs (such as IntelliJ IDEA) also have a "Sign-off commit" option in their commit dialog.
If you use the GitHub web UI for commits, make sure the Signed-off-by line uses the same email address as the commit author. You can use your GitHub noreply email address (username@users.noreply.github.com) if you keep your email private.
The merge of a PR must also carry a sign-off so the entire repository is known to be under the associated license. When merging a pull request through Squash and merge, there must be a Signed-off-by line for every contributor, plus one for you as the person merging; just make sure you don't delete them.
If the DCO check fails on your pull request, open the check's Details link and follow the instructions. In most cases the failure means one or more commits are missing a Signed-off-by line.
To add a sign-off to the most recent commit:
git commit --amend --signoffTo add sign-offs across several commits, use an interactive rebase, mark the offending commits as edit, and run git commit --amend --no-edit --signoff at each stop before continuing with git rebase --continue.
After amending or rebasing, force-push your branch:
git push --force-with-leaseNote
This procedure requires a maintainer with admin access to the repository and a force-push to a protected branch. It should only be needed in rare cases where a commit missing a sign-off reached main or a release branch.
A maintainer with admin access fixes the upstream branch:
-
Clone an up-to-date version of the broken branch.
-
Run
git commit --amend --signoffand ensure the appropriate sign-off is included in the commit message. -
Temporarily change the branch protection glob so it no longer matches the branch about to be force-pushed.
-
Force-push:
git push --force-with-lease origin main
-
Restore the branch protection glob to its previous value.
-
Announce the change in the contributors channel on Discord, for example: "The head of
mainforbesu-eth/besuhas been rebased to deal with a DCO issue; please follow the instructions on the Working with DCO wiki page to fix your local repositories."
Everyone else (only required if you were unlucky enough to check out the commit with the broken DCO) fixes their local repo:
git fetch origin-
git branch -f main origin/mainif your localmainis based off the upstreammain. - (Optionally)
git push --force FORK mainif you keep your fork'smainup to date. - For all branches based on the bad checkout:
git checkout $BRANCHgit rebase --interactive main- Remove the old
maincommit from the list.
If you get a DCO issue on a release branch while merging new commits in, fix it with a similar process:
-
git checkout release-x.y.zto check out the release branch. -
git merge mainto merge in the desired commits. -
git rebase -i HEAD~10to start an interactive rebase (replace10with the number of commits back that have DCO issues). - In the rebase file, find the commits with DCO issues and replace
pickwithedit. - Resolve any merge conflicts as the rebase proceeds.
- When the rebase stops at each commit, run
git commit --amend --no-edit --signoff. - Run
git rebase --continue, repeating steps 5-6 until done. - Push the changes with
git push --force-with-lease origin release-x.y.z.
Per the Linux Foundation Decentralized Trust (LF Decentralized Trust) charter, all code submitted to the project needs a Developer Certificate of Origin (DCO) sign-off. This certifies that you are able to submit your contribution under the license of the repository, and for it to be redistributed under that same license.
You "sign" this certificate by including a Signed-off-by: Legal Name <email-address> line in your git commit, using the email address associated with your GitHub account.
If you have any questions, you can reach us on Discord.
besu-eth/wiki and edits made here are overwritten on the next publish. To change a page, open a pull request against the source repo instead. See Home for how.
Contributing
Development & Testing
Developing & Conventions
Project Process
Governance
Incident Reports
- 2024-01-06 Mainnet Halting Event
- 2022-11-11 Fork on Sepolia
- 2022-05-30 Phishing PRs
- 2021-08-04 Value Transfer Public Transactions Rejected
- 2021-04-23 ATs Failures
Performance & Stability
- Improvements Since the Merge
- Memory Usage Investigations (23.7.3-RC)
- Reduce Memory Usage
- Testing Taskforce Brainstorming
- Q4 2022 Stability and Improvements
- Permissioned Chain Testing
Design Documents
- Design Documents
- Modular Besu
- Refactor EVM into a Standalone Library
- Bonsai Tries Design Overview
- Bonsai Archive Feature
- Bonsai Archive State Proofs
- Switchable Consensus Parameters
- SECP256R1 Support
- RPC Endpoint Service
- Feature Proposal Template
- Feature Flags
- CI/CD Tooling and Process
Programs & Mentorship