{"id":20596630,"url":"https://github.com/suhailroushan13/signed-commits","last_synced_at":"2026-06-06T00:31:30.056Z","repository":{"id":107535837,"uuid":"559707102","full_name":"suhailroushan13/Signed-Commits","owner":"suhailroushan13","description":"A signed commit is one where the author of the commit has digitally signed the commit using a GPG key. This digital signature confirms that the author of the commit is who they say they are and that the code has not been tampered with since it was committed.","archived":false,"fork":false,"pushed_at":"2025-03-16T15:40:16.000Z","size":17,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-03-16T16:35:40.168Z","etag":null,"topics":["ed25519","git","gpg","pgp","signed-commits"],"latest_commit_sha":null,"homepage":"https://github.com/suhailroushan13/Signed-Commits","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/suhailroushan13.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-10-30T23:04:11.000Z","updated_at":"2025-03-16T15:40:19.000Z","dependencies_parsed_at":"2025-01-17T01:00:09.563Z","dependency_job_id":null,"html_url":"https://github.com/suhailroushan13/Signed-Commits","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/suhailroushan13/Signed-Commits","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/suhailroushan13%2FSigned-Commits","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/suhailroushan13%2FSigned-Commits/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/suhailroushan13%2FSigned-Commits/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/suhailroushan13%2FSigned-Commits/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/suhailroushan13","download_url":"https://codeload.github.com/suhailroushan13/Signed-Commits/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/suhailroushan13%2FSigned-Commits/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":33965591,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-05T02:00:06.157Z","response_time":120,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ed25519","git","gpg","pgp","signed-commits"],"created_at":"2024-11-16T08:17:50.794Z","updated_at":"2026-06-06T00:31:30.041Z","avatar_url":"https://github.com/suhailroushan13.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"\n# How to Make Signed Commits in GitHub\n\nSigning, or code signing specifically, is the process of using cryptography to digitally add a signature to data. The receiver of the data can verify that the signature is authentic, and therefore must've come from the signatory. It's like physical signatures, but digital and more reliable\n\n\n# Quick Guide to Sign Your Git Commits\n\n### Why Should I Sign Git Commits?\n\nClearly, this is the first question that bumps into your mind after hearing about signing Git commits.\n\nOkay, if you’re into Git, you might have already known that you can change git commit author name and email in a simple command.\n\n### GitHub Config SetUp\n```bash\ngit config --global user.name \"YOUR_GITHUB_USERNAME\"\ngit config --global user.email \"YOUR_GITHUB_EMAIL\"\n```\n\n### When Running for the First Time it will ask for Name , Email , Password , Passphrase\n```bash\n  gpg --full-generate-key\n```\n## Screenshots\n\n![App Screenshot](https://i.imgur.com/wxY80w3.png)\n![App Screenshot](https://i.imgur.com/7YF5e75.png)\n\n### Get Your KEY ID\n```bash\n  gpg --list-secret-keys --keyid-format LONG\n```\n\n### Example :\n\n```bash\n/Users/hubot/.gnupg/secring.gpg\n------------------------------------\nsec 4096R/3AA5C34371567BD2 2016-03-10 [expires: 2017-03-10]\nuid                        Hubot \nssb 4096R/42B317FD4BA89E7A 2016-03-10\n```\n\n #### Here The Key ID is **3AA5C34371567BD2**\n\n### Make your key public and recognizable around Internet now. Run this command:\n\n```bash\ngpg --send-keys 3AA5C34371567BD2\n```\nDon’t worry, this command will send public key only, it never sends your secret key!\n\n\n### Add key to Github\nNow, let’s export your public key from key ID.\n\n```bash\ngpg --armor --export 3AA5C34371567BD2\n```\n\n### Example \nCopy From  ---- BEGIN PGP to KEY BLOCK -------\n```bash\n-----BEGIN PGP PUBLIC KEY BLOCK-----\n\u003cLong Random Text\u003e\n-----END PGP PUBLIC KEY BLOCK-----\n```\n\n### Go to Settings \u003e SSH and GPG keys section on Github.\n\n### Click green button to add New GPG Key.\n\n### Copy and paste above public key and click button to add.\n\n\n\n\n## Screenshots\n\n![App Screenshot](https://i.imgur.com/FcedzuI.png)\n\n![App Screenshot](https://i.imgur.com/YCdWSAT.png)\n\n\n\n\n### Check Where is gpg in your Folders\n\n```bash\nwhich gpg\n```\n### Example\n\n```bash\n/usr/bin/gpg\n\n```\n\n### Add Path \n\n\n```bash\ngit config --global gpg.program \"/usr/bin/gpg\"\n```\n\n### Check your Key ID\n\n\n```bash\ngpg --list-secret-keys --keyid-format LONG\n\n/home/suhail/.gnupg/pubring.kbx\n-------------------------------\nsec   rsa3072/3AA5C34371567BD2 2022-10-30 [SC] [expires: 2024-10-29]\n      F7EFC23FF92C79301F40847852AE60C1EE3A6501\nuid                 [ultimate] suhailroushan \u003csuhailroushan13@gmail.com\u003e\nssb   rsa3072/AD20B7AA5EFC0B10 2022-10-30 [E] [expires: 2024-10-29]\n```\n\nYour Key ID Is **3AA5C34371567BD2** from sec \n\n### Add the Signing Key to your global git config so that all your git commits are verified\n\n```bash\ngit config --global user.signingkey 3AA5C34371567BD2\ngit config --global commit.gpgsign true\n```\n\n### Open git config file from ~/.gitconfig and add following lines in it.\n\n```bash\n[tag]\n        gpgsign = true\n```\n\n### Type this in Terminal\n```bash\nexport GPG_TTY=$(tty)\n```\n\n\n### Clone Any Repo\n```bash\ngit clone git@github.com:suhailroushan13/Signed-Commits.git\nMake Changes\ngit add .\ngit commit -m \"Changes Done\" \ngit push origin master\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsuhailroushan13%2Fsigned-commits","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsuhailroushan13%2Fsigned-commits","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsuhailroushan13%2Fsigned-commits/lists"}