EasyCLA and Co-Author Compliance Guide

Overview

EasyCLA is designed to ensure that contributors have signed the Contributor License Agreement (CLA) before merging contributions. However, due to limitations in Git and GitHub, EasyCLA does not currently support co-author validation.

Why Co-Authors Are Not Supported

Free-Text Entry

The Co-authored-by trailer is manually entered and unverifiable, making it difficult to accurately validate co-authors.

GitHub Limitations

GitHub does not validate co-authors, and its API does not reliably expose co-author details, limiting EasyCLA's ability to accurately verify co-authors.

Compliance Risks

Unvalidated co-authors could potentially bypass CLA requirements, so EasyCLA checks only the primary author to ensure compliance.

Implications for Contributors

• Only primary authors are validated for CLA compliance.

• Co-authors are ignored, meaning their CLA status does not impact EasyCLA checks.

• Projects requiring full contributor validation should have contributors submit changes as separate PRs where they are the primary author.

Future Considerations

EasyCLA is open to revisiting this policy if GitHub enhances co-author validation.

Troubleshooting and Support

If you encounter any issues or have questions about EasyCLA, please contact our support team for assistance.