Disable DCO CI requirement to so called "sign-off" commits

[derMart]

Hi,

this is a bit of a preference, but happens to annoy and slow me down:
The CI workflow complains about missing, so called "sign-off" messages in commits. See #232 and the details https://github.com/nextcloud/cms_pico/pull/232/checks?check_run_id=11414302996.
Git does not add sign-off messages by default and adding them afterwards as advised in the details page via:

rebase HEAD~11 --signoff

just does not work, or more precise results in alot of rebase conflicts which I do not have time for frankly. So, I won't do this anymore. Generally, what is the point to require those "sign-off" messages? IMHO they do not add any information or value to a commit. It is not like these are proper digital signatures based on private / public key cryptography. This is just a plain text field anyone can fake. Would you consider to remove the DCO requirement?

best

[PhrozenByte]

This is a Nextcloud requirement imposed on any app that wants to be part of the Nextcloud community (like cms_pico, we want to be part of the Nextcloud community), so no, unfortunately we can't merge 3rd party contributions that aren't signed off. The signoff requirement is not about digital signatures, but about the conscious confirmation that the DCO was noted and is agreed on when contributing. See https://github.com/nextcloud/server/blob/master/.github/CONTRIBUTING.md and https://en.wikipedia.org/wiki/Developer_Certificate_of_Origin There are some easements for members of the Nextcloud organization, because one can assume that they agreed to the terms at the moment they joined the Nextcloud organization, but anyone else must agree and show their agreement by signing the commits off. Git's signoff feature is mostly used for this and that's probably why the Git developers decided that one has to do it manually. You can either git rebase --signoff once when you think your PR is ready for merge, or sign at commit time with git commit -s.

[github-actions]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed in two days if no further activity occurs. Thank you for your contributions! 👍

[derMart]

@PhrozenByte Thanks alot for the explanation. I do see quite a lot of problems with this kind of requirement, which I am happy to share actually. But beforehand, I would just do another ping and tell you that I think the PR is ready :-). If you have some time to review and merge this would be very nice. I think it is important to move forward and get cms_pico working under php 8.1.