Comment by nubinetwork
5 hours ago
While git has always allowed this, I don't really like the idea that someone can write some code, slap my name on it, and push it to their repo.
5 hours ago
While git has always allowed this, I don't really like the idea that someone can write some code, slap my name on it, and push it to their repo.
You can sign your commits with OpenPGP.
I think this is why signed commits are also supported. My first thought was that this probably doesn’t work with signed commits. But, maybe it does since they are listed as the commiter.
Yup. At the very least, the "big dogs" aka Github and Gitlab should allow you to "claim" an email address to an account and only link it up when the commit in question either directly got authored from the web UI or got cryptographically signed.