Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

doc: drafted additional guidance on signing commits already made #31

Draft
wants to merge 3 commits into
base: main
Choose a base branch
from
Draft

doc: drafted additional guidance on signing commits already made #31

Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
e6b1bcd
doc: drafted additional guidance on signing commits already made
madpah Oct 4, 2024
584162a
Update content/en/docs/contributing/submitting.md
madpah Oct 4, 2024
09ea826
Merge branch 'main' into docs/restrospective-commit-signing
eddie-knight Oct 16, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
16 changes: 11 additions & 5 deletions content/en/docs/contributing/submitting.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,9 +23,15 @@ If you haven't yet, please review the requirements for [contributors](../communi

### Signed Commits

In order to help verify the authenticity of contributed code, we ask that your [commits be signed](https://docs.github.com/en/authentication/managing-commit-signature-verification/signing-commits).
All commits must be signed off to show that you agree to publish your changes under the current terms and licenses of the project.
In order to help verify the authenticity of contributed code, we ask that your [commits be signed](https://docs.github.com/en/authentication/managing-commit-signature-verification/signing-commits). All commits must be signed off to show that you agree to publish your changes under the current terms and licenses of the project.

Here are some notes we found helpful in configuring a local environment to automatically sign git commits:
- [GPG commit signature verification](https://docs.github.com/en/authentication/managing-commit-signature-verification/about-commit-signature-verification#gpg-commit-signature-verification)
- [Telling Git about your GPG key](https://docs.github.com/en/authentication/managing-commit-signature-verification/telling-git-about-your-signing-key#telling-git-about-your-gpg-key)
Here are some notes we found helpful in configuring a local environment to automatically sign git commits:
- [GPG commit signature verification](https://docs.github.com/en/authentication/managing-commit-signature-verification/about-commit-signature-verification#gpg-commit-signature-verification)
- [Telling Git about your GPG key](https://docs.github.com/en/authentication/managing-commit-signature-verification/telling-git-about-your-signing-key#telling-git-about-your-gpg-key)

If you forgot to sign your commits before pushing them, you can retroactively sign all commits on your current branch by running:
```
git rebase --root -S --committer-date-is-author-date
```

You can then re-push your branch and all commits should be signed.