Signing your commits in git
3 min readMar 22, 2021
I’ve gotten into the habit at work of signing my commits in git
with my GPG key. It adds an extra layer of integrity to the source code, as it enables us to know who produced each commit (if the practice is followed widely).
It requires some initial configuration, but after that, it adds very little overhead.
Even if your organization doesn’t have a policy requiring it, I think it’s still…