@kai `user.signingkey` is usually not needed, git will pick up the key using user's e-mail.

Signing all commits can be also "controversial" in some circles: news.ycombinator.com/item?id=1


@wiktor That signing sure depends on the use case. Here I'm the only developer and can confirm all code is as expected, so I really sign it as a quality proof. Otherwise it doesn't hurt me in the workflow.

@kai Yep, and if you sign them all no-one can fake your commits on GitHub: news.ycombinator.com/item?id=1

Sign in to participate in the conversation

Server run by the main developers of the project 🐘 It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!