Which is irrelevant as git is DVCS which means commits are local and their metadata can be forged. Period. End of story.
Dave, we keep meticulous records of who pushed what to all of our version control assets because without them provenance cannot be established definitively. In the case of usergrid we'd need to subpoena those records from github, assuming they even keep them for any length of time. This puts us in an untenable situation of compromising foundation goals simply because committers on a PODLING refuse to be inconvenienced in any perceptible way. Sorry, but no. Usergrid needs to bring their workflow into compliance with the org's policy on this matter, and it needs to do so right now. Furthermore the Incubator probably should require another round of IP clearance for what's already there given how long usergrid has been in a state of non- compliance. HTH On Wednesday, June 18, 2014 11:49 AM, Dave <[email protected]> wrote: On Wed, Jun 18, 2014 at 11:13 AM, jan i <[email protected]> wrote: On 18 June 2014 16:05, Dave <[email protected]> wrote: > >> Can you please provide a link to the ASF policy that specifies this rule >> because the above sentence does not make sense to me. Commits from an >> incoming GitHub PR *always* occur on GitHub. >> >> In our process the commit that merges a PR also happens on GitHub but the >> commit that merges the PR into ASF Git happens on ASF Git, from a >> committer. >> >> Where is the rule that says a sync process cannot be used? >> >if the committer is clearly identified and not hidden by some git common >user, I cannot see sync as a problem. > >BUT if sync happens with one user, and not the original committer we loose >traceability and that would break our policy. That is not the case, no matter which committer does the commit that merges the PR into ASF Git, the history of the original PR commits and who did each is preserved. - Dave
