Skip to content
/ contrib_check Public

Checks contributions in a repo or a GitHub org for DCO signoffs and other things.

License

Apache-2.0 license
3 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

jmertic/contrib_check

5 Branches0 Tags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

dependabot[bot]dependabot[bot]
Bump the all group with 3 updates (#99)
Apr 28, 2025
3a9d893 · Apr 28, 2025

History

113 Commits
.github
.github
Apr 28, 2025
contrib_check
contrib_check
Feb 7, 2021
.gitignore
.gitignore
May 6, 2024
.pre-commit-config.yaml
.pre-commit-config.yaml
May 4, 2024
CONTRIBUTING.md
CONTRIBUTING.md
Feb 4, 2021
LICENSE
LICENSE
Jan 1, 2021
README.md
README.md
Feb 7, 2021
SECURITY.md
SECURITY.md
May 4, 2024
contrib_check.py
contrib_check.py
Feb 7, 2021
requirements.in
requirements.in
Sep 17, 2024
requirements.txt
requirements.txt
Mar 3, 2025
tests.py
tests.py
May 4, 2024

Repository files navigation

Contribution checker

Checks contributions in a repo or a GitHub org for:

Refactor of previous dco-org-check script for extensibility.

The script will produce a CSV file named after the repo with any commits matching a check, and for DCO signoffs will produce a file similar to the below that can be checked into the repository and used for remediation...

I, John Doe hereby sign-off-by all of my past commits to this repo subject to the Developer Certificate of Origin (DCO), Version 1.1. In the past I have used emails: john.doe@foo.com

4f93aecac9b1a64331148cd496d0ee54584a1553 Commit 1
538c1d602cc6f59e7b600f49889069a4caac7959 Commit 2
9e57035ef29319fc44a7d167e7896bc144e80b10 Commit 3

Installation

git clone https://github.com/jmertic/contrib_check
cd contrib_check
chmod +x contrib_check.py
pip install -r requirements.txt

Usage

usage: contrib_check.py [-h] (-c CONFIGFILE | --repo REPO | --org ORG) [--dco DCO]

Scan a single repo or organization for various contribution checks ( such as DCO )

optional arguments:
  -h, --help            show this help message and exit
  -c CONFIGFILE, --config CONFIGFILE
                        name of YAML config file
  --repo REPO           URL or path to the repo to search
  --org ORG             URL to GitHub org to search
  --dco DCO             Perform a DCO check (defaults to true)

Config file options ( set argument is the default if not specified )

# Path or URL to the repo 
repo: 
# set if scanning an org
org:
  # org type
  type: github
  # name
  name: 
  # list of repos to ignore when scanning
  ignore_repos:
    - repo1
    - repo2
    - ...
  # list of repos to only look at when scanning
  only_repos:
    - repo1
    - repo2
    - ...
# checks to run
checks:
  # set if dco
  dco:
    # list of directory names where previous commit signoffs are in the repo
    signoff_dirs:
      - dco-signoffs
    # set if you want to have the script create the previous commits signoff files
    prior-commits-directory: dco-signoffs

Contributing

Feel free to send issues or pull requests ( with a DCO signoff of course :-) ) in accordance with the contribution guidelines

For more checks to add, note the scope of this tool is scanning contributions to a repository.

Useful tools to make doing DCO signoffs easier

There are a number of great tools out there to manage DCO signoffs for developers to make it much easier to do signoffs.

SPDX-License-Identifier: Apache-2.0

About

Checks contributions in a repo or a GitHub org for DCO signoffs and other things.

Topics

compliance dco

Resources

Readme

License

Apache-2.0 license

Security policy

Security policy
Activity

Stars

3 stars

Watchers

2 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Contributors 4

Languages