Skip to main content

Managing the commit signoff policy for your repository

You can require users to automatically sign off on the commits they make to your repository using GitHub Enterprise Cloud's web interface.

Who can use this feature

Organization owners and repository administrators can require all commits to a repository to be signed off by the commit author.

About commit signoffs

Commit signoffs enable users to affirm that a commit complies with the rules and licensing governing a repository. You can enable compulsory commit signoffs on individual repositories for users committing through GitHub.com's web interface, making signing off on a commit a seemless part of the commit process. Once compulsory commit signoffs are enabled for a repository, every commit made to that repository through GitHub.com's web interface will automatically be signed off on by the commit author.

Organization owners can also enable compulsory commit signoffs at the organization level. For more information, see "Managing the commit signoff policy for your organization."

Compulsory commit signoffs only apply to commits made via the web interface. For commits made via the Git command line interface, the commit author must sign off on the commit using the --signoff option. For more information, see the Git documentation.

You can determine whether a repository you are contributing to has compulsory commit signoffs enabled by checking the header of the commit form at the bottom of the file you are editing. After compulsory commit signoff has been enabled, the header will read "Sign off and commit changes."

Screenshot of commit commit form with compulsory signoff enabled

Before signing off on a commit, you should ensure that your commit is in compliance with the rules and licensing governing the repository you're committing to. The repository may use a sign off agreement, such as the Developer Certificate of Origin from the Linux Foundation. For more information, see the Developer Certificate of Origin.

Signing off on a commit differs from signing a commit. For more information about signing a commit, see "About commit signature verification."

Enabling or disabling compulsory commit signoffs for your repository

  1. On GitHub.com, navigate to the main page of the repository.
  2. Under your repository name, click Settings. Repository settings button
  3. Select Require contributors to sign off on web-based commits. Screenshot of Require contributors to sign off on web-based commits