The GitHub identity story is still a mess.

I agree with their recent suggestions to use commit signing but it is important to note they still forge signatures and break enforcement in non obvious ways.

· · Web · 0 · 2 · 1
Sign in to participate in the conversation

Server run by the main developers of the project 🐘 It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!