Missing open-source contributor presents a dilemma when accepting their contribution

I faced the following situation recently as a maintainer of a popular open-source project, and I wondered what to do.

Situation
A first-time contributor submits a PR to Spectre.Console, a Microsoft .Net Foundation open-source project. Itโ€™s a small, but important change to guard against a null input parameter on a public method.

The contribution bot asks for confirmation the code change is copyright-free, but the contributor doesnโ€™t respond. The bot proceeded to remind the contributor several times, and I even attempted to make contact through other channels, but the contributor didnโ€™t respond.

I wish to merge the contribution, I wish to behave in a legally compliant manner, and I wish to encourage other first-time contributors.

Question
What is the โ€˜properโ€™ open source etiquette regarding this PR?

  1. Leave it open, wait indefinitely
  2. Close it with a comment
  3. Close it with a comment, then submit my own PR with exactly the same code
  4. Merge it anyway

Answer
โ€˜4. Merge it anywayโ€™ is probably the right course of action, for the reasons that follow.

The repository is MIT-licensed, and clearly advertised as such, so itโ€™s reasonable to expect all contributions are made under that license, even before the bot comes along. Additionally, the change is trivial and widely considered industry best practice, so itโ€™s hard to see how anyone could enforce a copyright claim. Anyhow, code change could easily be reversed, and I find it hard to see how damages could be levied in this situation.

However, a more extensive contribution could prove to be problematic. So, Iโ€™ll consider an update to the PR template (and contributing guidelines) to explicitly state that all contributions are MIT-licensed and not to proceed otherwise.

Woking, Surrey, GU22, United Kingdom