atriple/commit-signature-verification.md

Last active June 5, 2020 08:43

Star (0) You must be signed in to star a gist
Fork (0) You must be signed in to fork a gist

Select an option

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/atriple/f0762112ffddd9831949b76351c9adda.js"></script>
Save atriple/f0762112ffddd9831949b76351c9adda to your computer and use it in GitHub Desktop.

Download ZIP

Raw

commit-signature-verification.md

Commit Signature Verification

Because things like https://github.com/jayphelps/git-blame-someone-else exist

You can use GPG key to sign your commits to make it have Verified status.

Follow this guides -- https://help.github.com/en/github/authenticating-to-github/managing-commit-signature-verification
To commit -- https://help.github.com/en/github/authenticating-to-github/signing-commits

For Windows

Note that Git Bash on Windows from Version 2.19.1 already includes gpg2, so you don't have to install Gpg4Win anymore to generate & use GPG key
- If you use Gpg4Win, you can add additional global config to your Git using git config --global gpg.program "c:/Program Files (x86)/GnuPG/bin/gpg.exe", this will use installed Gpg4Win instead of the included one in the Git Bash

For Ubuntu & Mac

https://gist.github.com/ankurk91/c4f0e23d76ef868b139f3c28bde057fc

Tips

To configure your Git client to sign commits by default for a local repository, in Git versions 2.0.0 and above, run git config commit.gpgsign true

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment