[guardian-dev] signing git commits with gpg

Nick Parker nparker at zetetic.net
Wed Feb 13 09:17:29 EST 2013


On 2/12/13 11:22 AM, Hans-Christoph Steiner wrote:
> 
> Here's a nice, thorough article that goes thru the problems of gpg-signing git
> commits and verifying them in a useful way:
> 
> http://mikegerwitz.com/docs/git-horror-story.html
> 
> Has anyone integrated commit signing into their workflow?  I'm specifically
> interested to hear about aiding some kind of auditing.
> 
> .hc
> _______________________________________________
> Guardian-dev mailing list
> 
> Post: Guardian-dev at lists.mayfirst.org
> List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev
> 
> To Unsubscribe
>         Send email to:  Guardian-dev-unsubscribe at lists.mayfirst.org
>         Or visit: https://lists.mayfirst.org/mailman/options/guardian-dev/nparker%40zetetic.net
> 
> You are subscribed as: nparker at zetetic.net
> 

This is an interesting article, I wonder if this will become a more
visible issue in the future?  I generally only sign tags for projects
like SQLCipher for Android.

-- 
Nick Parker


More information about the Guardian-dev mailing list