Jeden Skill in Manus ausführen
mit einem Klick

Jeden Skill in Manus mit einem Klick ausführen

$pwd:

dco

Name: Dco
Author: linuxfoundation

// Recover from missing DCO sign-off on commits. Handles the single-commit amend, older-commit recovery via interactive rebase or cherry-pick, and explains the Probot DCO check that blocks PRs without sign-off. Use when a PR fails the DCO check, when a commit needs a Signed-off-by trailer added retroactively, or when sign-off was forgotten during rebase / cherry-pick / amend.

In Manus ausführen

$ git log --oneline --stat

stars:3.365

forks:731

updated:22. Mai 2026 um 17:18

SKILL.md

readonly

name	dco
description	Recover from missing DCO sign-off on commits. Handles the single-commit amend, older-commit recovery via interactive rebase or cherry-pick, and explains the Probot DCO check that blocks PRs without sign-off. Use when a PR fails the DCO check, when a commit needs a Signed-off-by trailer added retroactively, or when sign-off was forgotten during rebase / cherry-pick / amend.
allowed-tools	Bash, Read, Edit

DCO Sign-off Recovery

All commits in this repo must carry a Signed-off-by: trailer (Developer Certificate of Origin). The Probot DCO check on PRs blocks merge until every commit is signed.

The standard way to add it is with --signoff at commit time. This skill handles the cases where that was missed.

Case 1: Last commit only

git commit --amend --signoff -S --no-edit
git push --force-with-lease

--force-with-lease is preferred over plain --force — it refuses if someone else has pushed to the branch since you last fetched.

Case 2: Older commit on the same branch

Find the commit hash of the oldest unsigned commit:

git log --pretty='%h %s %(trailers:key=Signed-off-by,valueonly)' origin/main..HEAD
# Any line with an empty trailing field is unsigned

Then interactively rebase from one commit before that:

git rebase -i <parent-of-unsigned-commit>
# In the editor, change `pick` to `edit` for each unsigned commit
# Save and exit; the rebase stops at each `edit` line so you can amend

For each commit in the rebase, replace it with a signed version:

git commit --amend --signoff -S --no-edit
git rebase --continue

When done, force-push:

git push --force-with-lease

Case 3: Cherry-pick / merge brought in unsigned commits

Cherry-pick with sign-off baked in:

git cherry-pick --signoff <sha>

If you already cherry-picked without it, fall back to Case 1 or Case 2 above.

Verifying the whole branch

Before pushing, verify every commit ahead of origin/main has both DCO and GPG:

git log --format='%G? %(trailers:key=Signed-off-by,valueonly,separator=%x20) %h %s' origin/main..HEAD

Each line must start with G or U (good GPG signature) AND carry a non-empty Signed-off-by value before the SHA. Codes N / B / E need investigation. See .claude/rules/commit-workflow.md for the canonical signing policy.

What the Probot DCO check looks for

The check passes when every commit message includes a Signed-off-by: Name <email> trailer matching the commit author's email. The --signoff (or -s) flag adds this trailer automatically using your user.name and user.email git config.

A failing DCO check on a PR will show a "Details" link explaining which commits are missing sign-off.

related-skills.json

gleiches Repository

packages-worker-add-entrypoint.md

from "linuxfoundation/crowd.dev"

Scaffold a new sub-worker inside packages_worker (npm, deps.dev, osv, scorecard, etc.) following the single-service multi-entry-point structure. Use when: "add a new packages worker", "scaffold a sub-worker in packages_worker", "new worker for packages-db", "add npm worker", "add OSV worker", "add deps.dev worker".

2026-05-263.4k

packages-worker-setup.md

from "linuxfoundation/crowd.dev"

Get packages_worker running locally — first time or resuming after a break. Spins up packages-db if not running, applies any pending migrations, and starts the worker. All steps are safe to re-run. Use when: "set up packages worker", "start packages worker", "resume packages worker", "get packages-db running", "packages-db stopped", "restart the worker".

2026-05-263.4k

adr.md

from "linuxfoundation/crowd.dev"

Record an architecture decision as an ADR in docs/adr/. Use when choosing between frameworks, libraries, databases, or architectural patterns; stating a decision with reasoning ("we decided X instead of Y because..."); or querying past decisions ("why did we choose X?").

2026-05-223.4k

commit.md

from "linuxfoundation/crowd.dev"

Generate a commit message and commit staged changes using git commit -s -S.

2026-05-223.4k

preflight.md

from "linuxfoundation/crowd.dev"

Pre-PR validation — working tree status, format, lint, TypeScript check, and protected file check. Workspace-aware: detects which of backend/, frontend/, services/apps/*, services/libs/* were changed and runs only the relevant scripts. Use before submitting any PR, to check if code is ready, or to validate a branch before review.

2026-05-223.4k

review-pr.md

from "linuxfoundation/crowd.dev"

Review a pull request against CDP architecture standards — fetches PR diff, verifies previous comments are addressed, validates PR metadata (title, branch, JIRA key, size), runs a code-standards enforcer against every file in `.claude/rules/` and `.claude/hooks/guard-protected-files.sh`, and drafts inline review comments with suggested fixes. NEVER auto-posts comments or submits reviews — always presents a draft in the terminal for user approval before any comment lands on the PR. Use when reviewing PRs, checking PR quality, validating code changes, or when the user says "review", "check this PR", or "audit code".

2026-05-223.4k

package.json

"author": "linuxfoundation"

"repository": "linuxfoundation/crowd.dev"

GitHub-Repository öffnen Creator-Repositorys ansehen

$ install --global

$ download --local

In Manus ausführen

$ useful --forSOC

SoftwareentwicklerInformatik- und Mathematikberufe15-1252L4

name	dco
description	Recover from missing DCO sign-off on commits. Handles the single-commit amend, older-commit recovery via interactive rebase or cherry-pick, and explains the Probot DCO check that blocks PRs without sign-off. Use when a PR fails the DCO check, when a commit needs a Signed-off-by trailer added retroactively, or when sign-off was forgotten during rebase / cherry-pick / amend.
allowed-tools	Bash, Read, Edit

DCO Sign-off Recovery

All commits in this repo must carry a Signed-off-by: trailer (Developer Certificate of Origin). The Probot DCO check on PRs blocks merge until every commit is signed.

The standard way to add it is with --signoff at commit time. This skill handles the cases where that was missed.

Case 1: Last commit only

git commit --amend --signoff -S --no-edit
git push --force-with-lease

--force-with-lease is preferred over plain --force — it refuses if someone else has pushed to the branch since you last fetched.

Case 2: Older commit on the same branch

Find the commit hash of the oldest unsigned commit:

git log --pretty='%h %s %(trailers:key=Signed-off-by,valueonly)' origin/main..HEAD
# Any line with an empty trailing field is unsigned

Then interactively rebase from one commit before that:

git rebase -i <parent-of-unsigned-commit>
# In the editor, change `pick` to `edit` for each unsigned commit
# Save and exit; the rebase stops at each `edit` line so you can amend

For each commit in the rebase, replace it with a signed version:

git commit --amend --signoff -S --no-edit
git rebase --continue

When done, force-push:

git push --force-with-lease

Case 3: Cherry-pick / merge brought in unsigned commits

Cherry-pick with sign-off baked in:

git cherry-pick --signoff <sha>

If you already cherry-picked without it, fall back to Case 1 or Case 2 above.

Verifying the whole branch

Before pushing, verify every commit ahead of origin/main has both DCO and GPG:

git log --format='%G? %(trailers:key=Signed-off-by,valueonly,separator=%x20) %h %s' origin/main..HEAD

What the Probot DCO check looks for

A failing DCO check on a PR will show a "Details" link explaining which commits are missing sign-off.

dco

DCO Sign-off Recovery

Case 1: Last commit only

Case 2: Older commit on the same branch

Case 3: Cherry-pick / merge brought in unsigned commits

Verifying the whole branch

What the Probot DCO check looks for

Mehr aus diesem Repository

Mehr aus diesem Repository

DCO Sign-off Recovery

Case 1: Last commit only

Case 2: Older commit on the same branch

Case 3: Cherry-pick / merge brought in unsigned commits

Verifying the whole branch

What the Probot DCO check looks for