Commit Patch Message Guidelines: Difference between revisions

From Openembedded.org
Jump to navigation Jump to search
(Moved to YP docs)
Line 1: Line 1:
This set of guidelines is intended to help both the developer and reviewers of
This page has moved to the [https://docs.yoctoproject.org/dev/contributor-guide/submit-changes.html Yocto Documentation Contributors Guide]
changes determine reasonable patch headers and change commit messages. Often
when working with the code, you forget that not everyone is as familiar with the
problem and/or fix as you are. Often the next person in the code doesn't
understand what or why something is done so they quickly look at patch header
and commit messages. Unless these messages are clear it will be difficult to
understand the relevance of a given change and how future changes may impact
previous decisions.
 
This policy refers both to patches that are being applied by recipes as well as
commit messages that are part of the source control system, usually git. A patch
file needs a header in order to describe the specific changes that are made
within that patch, while a commit message describes one or more changes to the
overall project or system. Both the patch headers and commit messages require
the same attention and basic details, however the purposes of the messages are
slightly different. A commit message documents all of the changes made as part
of a commit, while a patch header documents items specific to a single patch. In
many cases the patch header can also be used as the commit message.
 
This policy does not cover the testing of the changes, the technical criteria
for accepting a patch, nor the style requirements for the technical changes.  See
the [http://www.openembedded.org/wiki/Styleguide Styleguide] for more information on style requirements.
 
By following these guidelines we will have a better record of the problems and
solutions made over the course of development. It will also help establish a
clear provenance of all of the code and changes.
 
  Draft version, changes from last approved version:
  * Revised General Information section to correct broken link
  * Clarify the ''Developer's Certificate of Origin''
 
== General Information ==
 
While specific to the Linux kernel development, the following could also be
considered a general guide for any Open Source development:
 
https://www.linux.com/publications/how-participate-linux-community
 
Many of the guidelines in this document are related to the items referenced in
the link above.
 
Pay particular attention to section 5.3 that talks about patch preparation.
The key thing to remember is to break up your changes into logical sections.
Otherwise you run the risk of not being able to even explain the purpose of a
change in the patch headers!
 
In addition section 5.4 explains the purpose of the Signed-off-by: tag line.  The
signed-off-by: tag line is the ''Developer's Certificate of Origin''.  The full text
of which can be found in the Linux kernel's Documentation/SubmittingPatches.
 
Pay particular attention to section 11 of
 
https://www.kernel.org/doc/html/latest/process/submitting-patches.html
 
Due to the importance of the ''Developer's Certificate of Origin'', part of section 11
is copied below:
 
  The sign-off is a simple line at the end of the explanation for the
  patch, which certifies that you wrote it or otherwise have the right to
  pass it on as an open-source patch.  The rules are pretty simple: if you
  can certify the below:
 
  Developer's Certificate of Origin 1.1
  ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
 
  By making a contribution to this project, I certify that:
 
        (a) The contribution was created in whole or in part by me and I
            have the right to submit it under the open source license
            indicated in the file; or
 
        (b) The contribution is based upon previous work that, to the best
            of my knowledge, is covered under an appropriate open source
            license and I have the right under that license to submit that
            work with modifications, whether created in whole or in part
            by me, under the same open source license (unless I am
            permitted to submit under a different license), as indicated
            in the file; or
 
        (c) The contribution was provided directly to me by some other
            person who certified (a), (b) or (c) and I have not modified
            it.
 
        (d) I understand and agree that this project and the contribution
            are public and that a record of the contribution (including all
            personal information I submit with it, including my sign-off) is
            maintained indefinitely and may be redistributed consistent with
            this project or the open source license(s) involved.
 
  then you just add a line saying::
 
      Signed-off-by: Random J Developer <random@developer.example.org>
 
  using your real name (sorry, no pseudonyms or anonymous contributions.)
 
== Patch Headers and Commit Messages ==
 
There seems to always be a question or two surrounding what a person
should put in a patch header, or commit message.
 
The general rules always apply, those being that there is a single line
short log or summary of the change (think of this as the subject when the patch
is e-mailed), and then the more detailed long log, and closure with tag lines
such as "Signed-off-by:".
 
If the bug relates to a bug in the Yocto Project Bugzilla (https://bugzilla.yoctoproject.org/) then a reference to that bugzilla entry should be added to the details in the form:
 
    [YOCTO #12345]
 
where 12345 is the number of the bug being referenced. The commit message should be understandable in its own right without needing to look at the bug.
 
It is useful to include a version number in the [PATCH] prefix of the subject line, e.g. [PATCH v2] so that its known to be a new version of an earlier patch. It can also be useful to include information about what changed in the new version. This should either be in the cover letter of the series (if one is present) or be done under the detailed commit message and after a "---" separator line. This will mean git will discard the revision information when the patch is applied. This is because the history of the patch revisions is not usually useful to the information being stored against the change. If it is useful information, it should be in the commit message instead.
 
== New Development ==
 
A minimal patch or commit message would be of the format:
 
  Short log / Statement of what needed to be changed.
 
  (Optional pointers to external resources, such as defect tracking)
 
  The intent of your change.
 
  (Optional, if it's not clear from above) how your change resolves the
  issues in the first part.
 
  Tag line(s) at the end.
 
For example:
 
  foobar: Adjusted the foo setting in bar
 
  When using foobar on systems with less than a gigabyte of RAM common
  usage patterns often result in an Out-of-memory condition causing
  slowdowns and unexpected application termination.
 
  Low-memory systems should continue to function without running into
  memory-starvation conditions with minimal cost to systems with more
  available memory.  High-memory systems will be less able to use the
  full extent of the system, a dynamically tunable option may be best,
  long-term.
 
  The foo setting in bar was decreased from X to X-50% in order to
  ensure we don't exhaust all system memory with foobar threads.
 
  Signed-off-by: Joe Developer <joe.developer@example.com>
 
The minimal commit message is good for new code development and simple changes.
 
The single short log message indicates what needed to be changed. It should
begin with an indicator as to the primary item changed by this work,
followed by a short summary of the change. In the above case we're indicating
that we've changed the "foobar" item, by "adjusting the foo setting in bar".
 
The single short log message is analogous to the git "commit summary". While no
maximum line length is specified by this policy, it is suggested that it remains
under 78 characters wherever possible.
 
Optionally, you may include pointers to defects this change corrects. Unless
the defect format is specified by the component you are modifying, it is
suggested that you use a full URL to specify the reference to the defect
information. Generally these pointers will precede any long description, but as
an optional item it may be after the long description.
 
For example, you might refer to an open source defect in the RPM project:
 
  rpm: Adjusted the foo setting in bar
 
  <nowiki>[RPM Ticket #65] -- http://rpm5.org/cvs/tktview?tn=65,5</nowiki>
 
  The foo setting in bar was decreased from X to X-50% in order to
  ensure we don't exhaust all system memory with foobar threads.
 
  Signed-off-by: Joe Developer <joe.developer@example.com>
 
You must then have a full description of the change. Specifying the intent of
your change and if necessary how the change resolves the issue.
 
As mentioned above this is intended to answer the "what were you thinking"
questions down the road and to know what other impacts are likely to
result of the change needs to be reverted. It also allows for better
solutions if someone comes along later and agrees with paragraph 1
(the problem statement) and either disagrees with paragraph 2
(the design) or paragraph 3 (the implementation).
 
Finally one or more tag lines should exist. Each developer responsible
for working on the patch is responsible for adding a Signed-off-by: tag line.
 
It is not acceptable to have an empty or non-existent header, or just a single
line message. The summary and description is required for all changes.
 
=== Describing license changes ===
 
When you change the LICENSE or LIC_FILES_CHKSUM lines in the recipe, you need to
briefly explain the reason for the change in via License-Update: tag. Quite often
it's trivial, such as
 
    License-Update: copyright years refreshed
 
but if the licensing terms themselves changed, do try to include a link to the upstream
making/justifying that decision.
 
== Importing from Elsewhere ==
 
If you are importing work from somewhere else, such as a cherry-pick from
another repository or a code patch pulled from a mailing list, the minimum patch
header or commit message is not enough. It does not clearly establish the
provenance of the code.
 
The following specifies the additional guidelines required for importing changes
from elsewhere.
 
By default you should keep the original author's summary and description,
along with any tag lines such as, "Signed-off-by:". If the original change that
was imported does not have a summary and/or commit message from the original
author, it is still your responsibility to add the summary and commit message to
the patch header. Just as if you wrote the code, you should be able to clearly
explain what the change does. It is also necessary to document the original
author of the change. You should indicate the original author by simply stating
"written by" or "posted to the ... mailing list by". You must not add a
Signed-off-by: tag line with their name, only the original author may add their
own Signed-off-by: tag line.
 
It is also required that the origin of the work be fully documented. The origin
should be specified as part of the commit message in a way that an average
developer would be able to track down the original code. URLs should reference
original authoritative sources and not mirrors.
 
If changes were required to resolve conflicts, they should be documented as
well.  When incorporating a commit or patch from an external source, changes to
the functionality not related to resolving conflicts should be made in a
second commit or patch.  This preserves the original external commit, and makes
the modifications clearly visible, and prevents confusion over the author of the
code.
 
Finally you must add a "Signed-off-by:" tag line to indicate that you worked
with the patch.
 
 
=== Example: Importing from Elsewhere Unmodified ===
 
For example, if you were to pull in the patch from the above example unmodified:
 
  foobar: Adjusted the foo setting in bar
 
  When using foobar on systems with less than a gigabyte of RAM common
  usage patterns often result in an Out-of-memory condition causing
  slowdowns and unexpected application termination.
 
  Low-memory systems should continue to function without running into
  memory-starvation conditions with minimal cost to systems with more
  available memory.  High-memory systems will be less able to use the
  full extent of the system, a dynamically tunable option may be best,
  long-term.
 
  The foo setting in bar was decreased from X to X-50% in order to
  ensure we don't exhaust all system memory with foobar threads.
 
  Signed-off-by: Joe Developer <joe.developer@example.com>
 
  The patch was imported from the OpenEmbedded git server
  (<nowiki>git://git.openembedded.org/openembedded</nowiki>) as of commit id
  b65a0e0c84cf489bfa00d6aa6c48abc5a237100f.
 
  Signed-off-by: Your Name <your.name@openembedded.org>
 
The above example shows a clear way for a developer to find the original source
of the change. It indicates that the OpenEmbedded developer simply integrated
the change into the system without making any further modifications.
 
=== Example: Importing from Elsewhere Modified ===
 
When importing a patch, occasionally changes have to be made in order to resolve
conflicts.  The following is an example of the commit message when the item needed
to be modified:
 
  foobar: Adjusted the foo setting in bar
 
  When using foobar on systems with less than a gigabyte of RAM common
  usage patterns often result in an Out-of-memory condition causing
  slowdowns and unexpected application termination.
 
  Low-memory systems should continue to function without running into
  memory-starvation conditions with minimal cost to systems with more
  available memory.  High-memory systems will be less able to use the
  full extent of the system, a dynamically tunable option may be best,
  long-term.
 
  The foo setting in bar was decreased from X to X-50% in order to
  ensure we don't exhaust all system memory with foobar threads.
 
  Signed-off-by: Joe Developer <joe.developer@example.com>
 
  The patch was imported from the OpenEmbedded git server
  (<nowiki>git://git.openembedded.org/openembedded</nowiki>) as of commit id
  b65a0e0c84cf489bfa00d6aa6c48abc5a237100f.
 
  A previous change had modified the memory threshold calculation,
  causing a conflict.  The conflict was resolved by preserving the
  memory threshold calculation from the existing implementation.
 
  Signed-off-by: Your Name <your.name@openembedded.org>
 
== Patch Header Recommendations: Upstream-Status ==
 
In order to keep track of patches and ultimately reduce the number of patches
that are required to be maintained, we need to track the status of the patches
that are created. The following items are specific to patches applied by recipes.
 
In addition to the items mentioned above, we also want to track if it's
appropriate to get this particular patch into the upstream project. Since we
want to track this information, we need a consistent tag and status indicator
that can be searched.
 
While adding this tracking information to the patch headers is currently
optional, it is highly recommended and some maintainers may require it.  It is
optional at this time so that it can be evaluated as to its usefulness over
time.  Existing patches will be updated with the tag as they are modified.
 
As mentioned in the above, be sure to include any URL to bug tracking, mailing
lists or other reference material pertaining to the patch. Then add a new tag
"Upstream-Status:" which contains one of the following items:
 
  '''Pending'''
  - No determination has been made yet or not yet submitted to upstream
 
  '''Submitted''' [where]
  - Submitted to upstream, waiting approval
  - Optionally include where it was submitted, such as the author, mailing
    list, etc.
 
  '''Accepted'''
  - Accepted in upstream, expect it to be removed at next update, include
    expected version info
 
  '''Backport'''
  - Backported from new upstream version, because we are at a fixed version,
    include upstream version info
 
  '''Denied'''
  - Not accepted by upstream, include reason in patch
 
  '''Inactive-Upstream [lastcommit: when (and/or) lastrelease: when]'''
  - The upstream is no longer available. This typically means a defunct project
    where no activity has happened for a long time - measured in years. To make
    that judgement, it is recommended to look at not only when the last release
    happened, but also when the last commit happened, and whether newly made bug
    reports and merge requests since that time receive no reaction. It is also
    recommended to add any relevant links to the commit message where the inactivity
    can be clearly seen.
 
  '''Inappropriate [reason]'''
  - The patch is not appropriate for upstream, include a brief reason on the
    same line enclosed with []
    reason can be:
      not author (You are not the author and do not intend to upstream this,
                  source must be listed in the comments)
      native
      licensing
      configuration
      enable feature
      disable feature
      bugfix (add bug URL here)
      embedded specific
      other (give details in comments)
 
The various "Inappropriate [reason]" status items are meant to indicate that the
person responsible for adding this patch to the system does not intend to
upstream the patch for a specific reason.  Unless otherwise noted, another
person could submit this patch to the upstream, if they do the status should be
changed to "Submitted [where]", and an additional Signed-off-by: line added to
the patch by the person claiming responsibility for upstreaming.
 
For example, if the patch has been submitted upstream:
 
  rpm: Adjusted the foo setting in bar
 
  <nowiki>[RPM Ticket #65] -- http://rpm5.org/cvs/tktview?tn=65,5</nowiki>
 
  The foo setting in bar was decreased from X to X-50% in order to
  ensure we don't exhaust all system memory with foobar threads.
 
  Upstream-Status: Submitted [rpm5-devel@rpm5.org]
 
  Signed-off-by: Joe Developer <joe.developer@example.com>
 
A future commit can change the value to "Accepted" or "Denied" as appropriate.
 
=== CVE Patches ===
 
In order to have a better control of vulnerabilities, patches that fix CVEs must contain the "CVE:" tag. This tag list all CVEs fixed by the patch. If more than one CVE is fixed, separate them using spaces.
 
==== Example: CVE patch header ====
 
This should be the header of patch that fixes grub2 CVE-2015-8370:
 
  grub2: Fix CVE-2015-8370
 
  <nowiki>[No upstream tracking] -- https://bugzilla.redhat.com/show_bug.cgi?id=1286966</nowiki>
 
  Back to 28; Grub2 Authentication
 
  Two functions suffer from integer underflow fault; the grub_username_get() and grub_password_get()located in
  grub-core/normal/auth.c and lib/crypto.c respectively. This can be exploited to obtain a Grub rescue shell.
 
  <nowiki>Upstream-Status: Accepted [http://git.savannah.gnu.org/cgit/grub.git/commit/?id=451d80e52d851432e109771bb8febafca7a5f1f2]</nowiki>
  CVE: CVE-2015-8370
  Signed-off-by: Joe Developer <joe.developer@example.com>
 
== Patches addressing bugs from Bugzilla ==
 
If your patch is addressing/fixing a bug from the Yocto Project bugzilla [https://bugzilla.yoctoproject.org/] then please use the <nowiki>[YOCTO #12345]</nowiki> tag in your commit message.
Where 12345 is the bug id e.g. Bug 12345 [https://bugzilla.yoctoproject.org/show_bug.cgi?id=12345]
 
Consistent use of this syntax allows for automated tracking of bug fixes and enhancements.
 
=== Example of Bugzilla tag in a commit message===
 
    <nowiki>pseudo: Ignore mismatched inodes from the db
 
    Currently, where pseudo finds a database entry for an inode but the path
    doesn't match, it reuses that database entry metadata. This is causing
    real world "corruption" of file attributes.
   
    See [YOCTO #14057] for an example of this.
   
    This can happen when files are deleted outside of pseudo context and the
    inode is reused by a new file which pseudo then "sees".
 
    Its possible the opposite could happen, it needs to reuse attributes
    but this change would prevent it. As far as I can tell, we don't want
    pseudo to reuse these attributes though so this code should be safer
    and avoid bugs like the above.
 
    </nowiki>Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 
== Common Errors in Patch and Commit Messages ==
 
- Short log does not start with the file or component being modified.  Such as
"foo: Update to new upstream version 5.8.9"
 
- Avoid starting the summary line with a capital letter, unless the component
being referred to also begins with a capital letter.
 
- Don't have one huge patch, split your change into logical subparts. It's
easier to track down problems afterward using tools such as git bisect. It also
makes it easy for people to cherry-pick changes into things like stable branches.
 
- Don't simply translate your change into English for a commit log. The log
"Change compare from zero to one" is bad because it describes only the code
change in the patch; we can see that from reading the patch itself. Let the code
tell the story of the mechanics of the change (as much as possible), and let
your comment tell the other details -- i.e. what the problem was, how it
manifested itself (symptoms), and if necessary, the justification for why the
fix was done in manner that it was.  In other words, the long commit message
must describe *why* the change was needed (instead of what has changed).
 
- Don't start your commit log with "This patch..." -- we already know it is a patch.
 
- Don't repeat your short log in the long log. If you really really don't have
anything new and informational to add in as a long log, then don't put a long
log at all. This should be uncommon -- i.e. the only acceptable cases for no
long log would be something like "Documentation/README: Fix spelling mistakes".
 
- Don't put absolute paths to source files that are specific to your site, i.e.
if you get a compile error on "fs/exec.c" then tidy up the parts of the compile
output to just show that portion. We don't need to see that it was
/home/wally/src/git/oe-core/meta/classes/insane.bbclass or similar - that full
path has no value to others. Always reduce the path to something more
meaningful, such as oe-core/meta/classes/insane.bbclass.
 
- Always use the most significant ramification of the change in the words of
your subject/shortlog. For example, don't say "fix compile warning in foo" when
the compiler warning was really telling us that we were dereferencing complete
garbage off in the weeds that could in theory cause an OOPS under some
circumstances. When people are choosing commits for backports to stable or
distro kernels, the shortlog will be what they use for an initial sorting
selection. If they see "Fix possible OOPS in...." then these people will look
closer, whereas they most likely will skip over simple warning fixes.
 
- Don't put in the full 20 or more lines of a backtrace when really it is just
the last 5 or so function calls that are relevant to the crash/fix. If the entry
point, or start of the trace is relevant (i.e. a syscall or similar), you can
leave that, and then replace a chunk of the intermediate calls in the middle
with a single [...]
 
- Don't include timestamps or other unnecessary information, unless they are
relevant to the situation (i.e. indicating an unacceptable delay in a driver
initialization etc.)
 
- Don't use links to temporary resources like pastebin and friends. The commit
message may be read long after this resource timed out.
 
- Don't reference mirrors, but instead always reference original authoritative
sources.
 
- Avoid punctuation in the short log.
 
[[Category:Policy]]

Revision as of 15:38, 30 August 2023

This page has moved to the Yocto Documentation Contributors Guide

Retrieved from "https://www.openembedded.org/w/index.php?title=Commit_Patch_Message_Guidelines&oldid=11137"