It's very easy to spoof the author of a git commit that has not been signed. Take a look at these commits "from" Linus Torvalds (the creator of Git):

GitHub supports commit signing. Krypton makes it easy to create a PGP key and sign your commits. Get started in just a few minutes. Download Krypton now to protect your work.

Would you recommend this product?
No reviews yet
Be the first to comment