You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Notice how the `Author` and `Signed-off-by` lines match. If they do not match the PR will be rejected by the automated DCO check.
83
83
84
84
If more than one person contributed to a commit than there can be more than one `Signed-off-by` line where each line is a signoff from a different person who contributed to the commit.
85
+
86
+
87
+
## Dependencies Policy
88
+
89
+
Dependencies must be evaluated before being introduced to ensure they:
90
+
91
+
1) are actively maintained
92
+
2) are maintained by trustworthy maintainers
93
+
94
+
These evaluations vary from dependency to dependencies.
95
+
96
+
Dependencies are also scheduled for removal if that project has been deprecated or if the project is no longer maintained.
97
+
98
+
CVEs in dependencies will be patched for all supported versions if the CVE is applicable and is assessed as a high or critical severity.
0 commit comments