cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Wido den Hollander <w...@widodh.nl>
Subject GPG signing commits on Github
Date Wed, 06 Apr 2016 07:28:53 GMT
Hi,

Github just added [0] support for verifying GPG signatures of Git commits to the
web interface.

Under the settings page [1] you can now add your public GPG key so Github can
verify it.

It's rather simple:

$ gpg --armor --export wido@widodh.nl

That gave me my public key which I could export.

Git already supports signing [2] commits with your key.

This makes me wonder, is this something we want to enforce? To me it seems like
a good thing to have.

Wido

[0]: https://github.com/blog/2144-gpg-signature-verification
[1]: https://github.com/settings/keys
[2]: https://git-scm.com/book/en/v2/Git-Tools-Signing-Your-Work

Mime
View raw message