DCO

Owned by Felipe Faraggi
Last updated: Aug 27, 2024 by Sally MacFarlane
3 min read

TL;DR:

If you don't want to break the DCO check, ensure all your commits have signoff.

Git has a built-in mechanism to allow this with the -s or --signoff argument to git commit command, providing your user.name and user.email have been setup correctly.

git config user.name "FIRST_NAME LAST_NAME"

git config user.email "MY_NAME@example.com"

you can also set up a git global alias - see below

How to work with DCO

When Committing

You need to ensure that every commit message has a line "Signed-off-by: Your Legal Name <your-email@address>", and while you could add that manually every time, here are the steps to follow so the computer can add it for you:

  1. Set your legal name in the git configuration:
    git config user.name "Legal Name" 
  2. Set your email in the git configuration:
    git config user.email "email@address" 
  3. Add the -s  or --signoff  to all git commit  invocations.
    1. Add a git alias:
      git config --global alias.c 'commit --signoff'
      and then run "git c" instead of "git commit"
    2. In IntelliJ

When Merging

The merge or a PR must also have a DCO so we can know the entire repository is under the associated license.

  1. When Merging a Pull Request through "squash and merge", there must be a Signed-off-by line for every contributor, and you as the person merging - just make sure you don't delete them (smile).

When you have a DCO failure on your PR from DCO Bot

'

Click on that "Details" link and follow the instructions.

When you have a DCO failure on your PR from CI

On Circle CI you will see:

In the full Console Output you will see DCO is checked on ALL branches:

Checking commits in branch origin/main for commits missing DCO...
Checking commits in branch origin/merge for commits missing DCO...
11b5f95dd5ef51af398f8b343b266debadd6f0b9 is missing Signed-off-by line.
Checking commits in branch origin/pull/2497 for commits missing DCO...
Checking commits in branch origin/release-21.10.x for commits missing DCO...
Checking commits in branch origin/release-22.1.0 for commits missing DCO...

Exited with code exit status 1

If the commit missing the signoff is on main branch, you will need to contact a Besu Maintainer Admin (main rebase required).

If the commit missing the signoff is on a non-main branch (eg merge in the example above), and you are a Besu maintainer, you should be able to force-push to that branch (eg rollback the most recent commit). 

Why?

As per section 12.a of the Hyperledger Charter all code submitted to the Hyperledger Foundation needs to have a Developer Certificate of Origin (DCO) sign-off.

This certifies that you are able to submit your contribution to our repository under the license of the repository, and for the contribution to be redistributed under that same license.

You can "sign" this certificate by including a line in the git commit of "Signed-off-by: Legal Name <email-address>", using the email address associated with your GitHub account.


Feel free to check out this tutorial for more help.


As per section 12.a of the Hyperledger Charter all code submitted to the Hyperledger Foundation needs to have a Developer Certificate of Origin (DCO) sign-off.

The sign off needs to be using your legal name, not a pseudonym. Git has a built-in mechanism to allow this with the -s or --signoff argument to git commit command, providing your user.name and user.email have been setup correctly.

If you have any questions, you can reach us on Discord