I’m not going to cryptographically sign my git commits, and you shouldn’t either.

I’m curious to hear what the Lemmy programming community thinks of this!

  • The author argues against signing Git commits, stating that it adds unnecessary complexity to systems.
  • The author believes that signing commits perpetuates an engineering culture of blindly adopting complex tools.
  • The consequences of signing Git commits are likely to be subtle and not as dramatic as some may believe.

Archive link: https://archive.ph/vjDeK

  • Eager Eagle@lemmy.worldEnglish
    2·
    9 months ago

    true, that happens to me all the time

    edit: I think they just rewrite the commit without signing it, not with their private key. Either way, the first signature is lost on rebasing.