2.8 KiB
title, intro, redirect_from, versions, topics
| title | intro | redirect_from | versions | topics | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Signing commits | You can sign commits locally using GPG or S/MIME. |
|
|
|
{% data reusables.gpg.desktop-support-for-commit-signing %}
{% tip %}
Tips:
To configure your Git client to sign commits by default for a local repository, in Git versions 2.0.0 and above, run git config commit.gpgsign true. To sign all commits by default in any local repository on your computer, run git config --global commit.gpgsign true.
To store your GPG key passphrase so you don't have to enter it every time you sign a commit, we recommend using the following tools:
- For Mac users, the GPG Suite allows you to store your GPG key passphrase in the Mac OS Keychain.
- For Windows users, the Gpg4win integrates with other Windows tools.
You can also manually configure gpg-agent to save your GPG key passphrase, but this doesn't integrate with Mac OS Keychain like ssh-agent and requires more setup.
{% endtip %}
If you have multiple keys or are attempting to sign commits or tags with a key that doesn't match your committer identity, you should tell Git about your signing key.
- When committing changes in your local branch, add the -S flag to the git commit command:
$ git commit -S -m <em>your commit message</em>
# Creates a signed commit
- If you're using GPG, after you create your commit, provide the passphrase you set up when you generated your GPG key.
- When you've finished creating commits locally, push them to your remote repository on {% data variables.product.product_name %}:
$ git push
# Pushes your local commits to the remote repository
- On {% data variables.product.product_name %}, navigate to your pull request. {% data reusables.repositories.review-pr-commits %}
- To view more detailed information about the verified signature, click Verified.
