Proposal to sign all commits

Hauke Mehrtens hauke at hauke-m.de
Thu May 5 06:45:47 PDT 2016


On 05/04/2016 11:38 PM, Kus wrote:
> Greetings
> 
> I'd like to propose that all commits (at least to master) going forward be signed with the commiter's gpg key.
> 
> https://git-scm.com/book/en/v2/Git-Tools-Signing-Your-Work
> 
> Thoughts?

If we would add signed commits, it should be optional as this increases
the effort needed to contribute to LEDE. Currently even 	frightened
corporate lawyers are fine with the "Signed-of by:" line in the Linux
kernel.

What problem would a signature solve anyway? I haven't seen this as a
problem that people impersonate someone else and send patches in some
else's name.

Hauke

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.infradead.org/pipermail/lede-dev/attachments/20160505/0bbf6270/attachment.sig>


More information about the Lede-dev mailing list