[Bug Infrastructure/29615] prototype & document SOP for signed-git-op repo

ezannoni at gmail dot com sourceware-bugzilla@sourceware.org
Mon Sep 26 17:39:01 GMT 2022


Elena Zannoni <ezannoni at gmail dot com> changed:

           What    |Removed                     |Added
                 CC|                            |ezannoni at gmail dot com

--- Comment #3 from Elena Zannoni <ezannoni at gmail dot com> ---
Butting in... 
Serhei, yes that document. I think this is also worth taking a look at:
Has the use of the tags spelled out, and the roles of the reviewers and the
submitters of patches and what they "agree" to do/represent.

In addition, there is the SPDX license identifier thing, that the kernel has.
For further supply chain security/identification/SBOMs and whatnot. 

I am not saying to mimic everything exactly, but to get an idea of what the
kernel was trying to solve with these things.

Note that the kernel workflow is different, only the maintainers push code to
the repo (in the majority of the subsystems), for other projects it might not
be the same (such as the GNU toolchain write after approval case).

You are receiving this mail because:
You are the assignee for the bug.

More information about the Overseers mailing list