Skip to content

chore: add SPDX headers, DCO enforcement, and build-debug target#501

Merged
CybotTM merged 1 commit intomainfrom
chore/spdx-dco-headers
Feb 26, 2026
Merged

chore: add SPDX headers, DCO enforcement, and build-debug target#501
CybotTM merged 1 commit intomainfrom
chore/spdx-dco-headers

Conversation

@CybotTM
Copy link
Member

@CybotTM CybotTM commented Feb 25, 2026

Summary

  • Add SPDX copyright and MIT license headers to all 225 Go source files
  • Add DCO enforcement via lefthook commit-msg hook
  • Add build-debug Makefile target and BUILD_FLAGS variable for debug symbol preservation
  • Supports OpenSSF Best Practices Silver badge criteria (license_per_file, copyright_per_file, dco, build_preserve_debug)

Test plan

  • Verify SPDX headers present in Go files
  • Verify make build-debug produces binary with debug symbols
  • Verify lefthook DCO hook rejects unsigned commits

@CybotTM
chore: add SPDX headers, DCO enforcement, and build-debug target
a512d10 
- Add SPDX copyright (Netresearch DTT GmbH) and license (MIT) headers to all Go source files
- Add DCO section to CONTRIBUTING.md requiring Signed-off-by trailers
- Add DCO enforcement hook in lefthook.yml (commit-msg check)
- Add BUILD_FLAGS variable and build-debug Makefile target for debug symbol preservation

Signed-off-by: Sebastian Mendel <info@sebastianmendel.de>
Copilot AI review requested due to automatic review settings February 25, 2026 23:41
@gemini-code-assist
Copy link

gemini-code-assist bot commented Feb 25, 2026

Warning

You have reached your daily quota limit. Please wait up to 24 hours and I will start processing your requests again!

@CybotTM CybotTM enabled auto-merge February 25, 2026 23:41
@github-actions
Copy link

github-actions bot commented Feb 25, 2026

⚠️ Mutation Testing Results

Mutation Score: 0.00% (threshold: 60%)

⚠️ Score is below threshold. Consider improving test coverage or test quality.

What is mutation testing?

Mutation testing measures test quality by introducing small changes (mutations) to the code and checking if tests detect them. A higher score means better test effectiveness.

  • Killed mutants: Tests caught the mutation (good!)
  • Survived mutants: Tests missed the mutation (needs improvement)

github-actions[bot]
github-actions bot approved these changes Feb 25, 2026
View reviewed changes
Copy link

@github-actions github-actions bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Automated approval for solo maintainer project

All CI checks passed. See SECURITY.md for compensating controls.

Copilot AI reviewed Feb 25, 2026
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR adds SPDX copyright headers to all Go source files, implements DCO enforcement via a lefthook commit-msg hook, and introduces build targets for debug symbol preservation. These changes support OpenSSF Best Practices Silver badge criteria for license_per_file, copyright_per_file, dco, and build_preserve_debug.

Changes:

  • Added SPDX-License-Identifier and copyright headers to 225 Go files
  • Implemented DCO sign-off enforcement with lefthook commit-msg hook
  • Added build-debug Makefile target and BUILD_FLAGS variable for controlling debug symbol stripping

Reviewed changes

Copilot reviewed 228 out of 228 changed files in this pull request and generated 1 comment.

File Description
All Go source files Added SPDX license identifier and copyright headers
lefthook.yml Added DCO sign-off validation in commit-msg hook
Makefile Added BUILD_FLAGS variable and build-debug target for debug symbol preservation
CONTRIBUTING.md Added DCO documentation section with sign-off instructions

@github-actions
Copy link

github-actions bot commented Feb 25, 2026

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

Scanned Files

None

@codspeed-hq
Copy link

codspeed-hq bot commented Feb 25, 2026

Merging this PR will degrade performance by 14.6%

⚡ 1 improved benchmark
❌ 1 regressed benchmark
✅ 24 untouched benchmarks

⚠️ Please fix the performance issues or acknowledge them on CodSpeed.

Performance Changes

Benchmark BASE HEAD Efficiency
BenchmarkExecutionMemoryWithoutPool 9.3 ms 10.8 ms -14.6%
remove 43.8 µs 39.2 µs +11.74%

Comparing chore/spdx-dco-headers (a512d10) with main (f141679)

Open in CodSpeed

@CybotTM CybotTM added this pull request to the merge queue Feb 26, 2026
Merged via the queue into main with commit e1d2a36 Feb 26, 2026
34 of 35 checks passed
@CybotTM CybotTM deleted the chore/spdx-dco-headers branch February 26, 2026 00:05
@github-actions github-actions bot added the released:v0.21.0 Included in v0.21.0 release label Mar 7, 2026
@github-actions
Copy link

github-actions bot commented Mar 7, 2026

🚀 Released in v0.21.0

Thank you for your contribution! 🙏

This is now available in the latest release. Please test and verify everything works as expected in your environment.

If you encounter any issues, please open a new issue.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@github-actions github-actions[bot] github-actions[bot] approved these changes

Assignees

No one assigned

Labels

released:v0.21.0 Included in v0.21.0 release

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@CybotTM