On 2015-02-09 16:00, Stephen Mallette wrote:
Mentors, I had some questions as to how we proceed when we receive a pull
request:
1. If the PR is from someone we know to have signed an ICLA, then it's easy
to go ahead and merge, but how do we verify github users submitting PRs
whom we don't know by their ID? I found this page:
http://people.apache.org/committer-index.html which seems to be a public
listing of people who have signed....do we just use that to verify such
things?
If they have an ICLA and a committer account, I would suggest emailing
[email protected] to verify their identity. Alternately, if they do
have an ICLA on file and they are producing several commits, you may
consider inviting them as committers on TinkerPop. That way they can
commit their own stuff to the repo and we'll have proper provenance.
If they are not yet Apache committers but they have an ICLA on file, you
can...check the email they set in the commit/PR and ask secretary@
whether that email is associated with an ICLA (or ask a member or an
infra person).
2. Just to clarify, a person who signs an ICLA for Apache is covered for
all Apache projects. It's not like they sign an ICLA for each project they
commit to. Is that right?
Correct, it's for anything you contribute to the ASF as a foundation,
it's not tied to any projects,
Thanks,
Stephen
