You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Once you have enabled GPG verification for Codespaces, you also must append -S to each commit in order for it to be signed. To do this in Visual Studio Code, ensure the "Git: Enable Commit Signing" option is enabled from the Settings.
But I like the idea in general to use it across our projects, its a bit more work, but as @da2ce7 mention in #50 (comment) is a simple way to improve the confidence of the authenticity of the comments.
Setting up GPG in Mac OS to sign commits may be sometimes difficult.
There are plenty information there, like those two helpful stack overflow threads:
The use of PGP for signing comments is a good and simple way to improve the confidence of the authenticity of the commits.
It is considered good practice as it makes it very hard to impersonate the author of any particular comment.
Github has good integration with this feature: https://docs.github.com/en/authentication/managing-commit-signature-verification/about-commit-signature-verification
The text was updated successfully, but these errors were encountered: