When someone opens or updates a pull request on a repository with CLA enabled, the Open CLA GitHub App runs a Contributor License Agreement check on GitHub.

Evaluation steps

1. Resolve the active CLA document and version hash for the repository (from repository settings).
2. List all contributors on the pull request.
3. For each contributor, check personal signatures and eligible corporate agreements for that CLA version.
4. Publish check success when every contributor is covered; otherwise fail with guidance to sign.

What contributors see

On failure, the check comment links to the signing flow:

• In-app signing — GitHub-authenticated Markdown agreement
• Dropbox Sign — email link to complete the hosted signature

After signing, contributors should push a new commit or re-run checks so GitHub refreshes status.

Corporate coverage

If the contributor commits through a GitHub organization with an active corporate agreement, Open CLA may pass the check without a personal signature. This requires organization membership read permission on the GitHub App install.

Repository not configured

If the repository has no template assigned, or Open CLA is not installed, checks may not run or may report configuration errors. Assign a template on the repository detail page and confirm the app is installed on that repo.

Monitoring coverage

Use Contributors for org-wide signature status and Pull requests for per-PR CLA state alongside security scans.

Next steps

• Agreement templates
• Contributors
• Pull requests