What is a signed commit?

Question

What is a signed commit?

What does it mean to sign a commit in Git? Even after reading the documentation , I'm still a little confused about how this works. I tried to search Stack Overflow, but surprisingly this question does not seem to be asked yet .

If the commit is signed, does this mean that we can say whether the author’s name and email address on the commit are accurate? Or I do not understand.

+4

git git-sign

Steven Vascellaro Apr 26 '17 at 1:44

source share

1 answer

Chris · Accepted Answer · 2017-04-26T01:51:52+0000

Technically, this simply means holding the corresponding private key signed by the commit . In practice, this can be done as follows: 1) the owner of the key is a person with some reliable reputation, 2) this person has claimed the code, and 3) the code has not changed since it was signed. I have very limited knowledge of how GPG key holders establish their identity with others, but that’s a common idea.

? - , , , , , , . - . , - , "", , , , - , . , , , . , .

.

What is a signed commit?

More articles: