Error: Twitter did not respond. Please wait a few minutes and refresh this page.
The Art of Structured Improvisation. By Carsten Nielsen
With the release of Git v1.7.9 it’s possible to sign your commits now.
To activate this on your machine, you have to configure git:
1. Get your key-id in the terminal:
$> gpg --list-keys ... pub 1024D/123ABC89 2011-09-27 uid Carsten Nielsen ...
Locate your relevant key and copy the ID to git:
$> git config --global user.signingkey 123ABC89
Now you are able to sign your commits by using the option -S
$> git commit -S
If you want to check the origin of a commit you can now show the signing by:
$> git log --show-signature commit 01b817f3e3bfe1fb1143a172539162bf6bf7aca5 gpg: Signature made 2012-02-09T11:30:57 CET using RSA key ID 123ABC89 gpg: Good signature from "Carsten Nielsen " Author: Carsten Nielsen Date: Thu Feb 9 11:30:48 2012 +0100 Lets sign something
With this we should be able to create an infrastructure on the repo- or deploy-server to check and ensure the origin of the commits.
But this is another story for another time…