AW: QT4 CG Meeting 002 Minutes, 2022-09-13

I have written some new qt4 tests for fn:intersperse, and I’m encountering the same problem as Michael did. My latest commits need to be signed to be accepted:

https://github.com/qt4cg/qt4tests/pull/18

So far, I haven’t spent more than an hour to make this work. I eventually wondered if we need this strict rule for our workflow: The number of contributors is small and well-known, and I assume that no pull request will simply be merged without someone having had a brief look at its contents.

If we decide to disable the rule, it could probably be done by looking at Settings » Branches » Branch Protection Rules.

What does everyone think?
Christian

________________________________
Von: Norm Tovey-Walsh
Gesendet: Mittwoch, 14. September 2022 09:58
Bis: Michael Kay
Cc: public-xslt-40@w3.org
Betreff: Re: QT4 CG Meeting 002 Minutes, 2022-09-13

Michael Kay <mike@saxonica.com> writes:
> I created and pushed a branch with these changes, but creating a pull
> request failed with an error about signing the commits (a process I'm
> not familiar with).

GitHub is attempting to tighten security on public repositories. (I’ll
have another message about this in a few minutes) Here are the details
about signing commits:

  https://docs.github.com/en/authentication/managing-commit-signature-verification/signing-commits

Basically, this assures that a commit that is purported to have come
from Michael Kay really came from you.

We can probably turn this off if it’s odious, but signed commits seemed
like a reasonable precaution.

                                        Be seeing you,
                                          norm

--
Norm Tovey-Walsh
Saxonica

Received on Wednesday, 28 September 2022 07:04:31 UTC