CLA
Contributors and signatures
See who has signed your CLA and whether contributors are covered on pull requests.
The Contributors view (/app/governance/contributors) shows signature activity: which GitHub users have signed which CLA versions and their coverage status.
Personal vs corporate
| Type | Who signs | Coverage |
|---|---|---|
| Personal | Individual contributor | Applies to that GitHub user for the CLA version |
| Corporate | Organization owner | Active org members may be covered without a personal signature |
Corporate coverage depends on GitHub org membership permissions configured on the Open CLA GitHub App.
What to monitor
- New contributors on high-traffic repos without signatures
- Failed CLA checks on open pull requests
- Re-sign campaigns after template version bumps
Signing flow
Contributors typically follow a link from the failed check to authenticate with GitHub and complete signing on the hosted signing experience. After signing, they push a new commit or re-run checks so the PR updates.
When a repository uses Dropbox Sign, Superagent creates a Dropbox Sign signature request and emails the signer a signing link. Signature completion is processed through the Dropbox Sign callback URL configured for the repository.