When someone opens or updates a pull request on a repository with CLA enabled, the Open CLA GitHub App runs a Contributor License Agreement check on GitHub.

Evaluation steps

1. Resolve the active CLA document and version hash for the repository (from template assignment).
2. List all contributors on the pull request.
3. For each contributor, check personal signatures and eligible corporate agreements for that CLA version.
4. Pass the check only when every contributor is covered; otherwise fail with a link to sign.

After signing

Once a contributor signs—or is covered by corporate agreement—pushing a new commit or refreshing the check path updates the result to passing.

If the repository uses Dropbox Sign, the contributor or organization signer completes the agreement from the Dropbox Sign email. Superagent records the provider request and signature IDs, then updates coverage when the signing flow completes.

Common scenarios

Scenario	Expected result
All contributors signed for current version	Check passes
New contributor, no signature	Check fails until signing
Template version updated	Contributors re-sign for new hash
Org member under corporate CLA	May pass without personal signature

Troubleshooting

If contributors see “repository has not been seen by the CLA app yet,” open or update a pull request first so the installation is associated with the repo.

If Dropbox Sign signing does not start, confirm the Dropbox Sign integration is configured, the selected CLA template uses a Dropbox Sign template, and the repository has the correct Dropbox Sign callback URL configured.

Next steps

• Install GitHub Apps
• Overview
• Troubleshooting