I'm not sure we enforce signed-off-by in all projects, but we do in the most important projects. There is a nice little app adding CI check with zero effort. Here is a bad commit: https://github.com/nirs/userstorage/pull/29 When the check fails the app provides useful help for users: https://github.com/nirs/userstorage/pull/29/checks?check_run_id=9125092601 Looks like very little effort to improve all projects! If you wandered what signed-off-by means, this is explained here: https://wiki.linuxfoundation.org/dco Nir