Hi Github users,
You can now signed your commits on Github using at least Git 2.18.0 and Github Desktop 1.6.1.
Generate a GPG key and add it to Github: https://help.github.com/articles/generating-a-new-gpg-key (if you don't want to type a passphrase on every commit, you need to press "Enter" when the console will prompt you to type a passphrase)
Configure Git properly by editing the
.gitconfigfile using the command line
git config --global --editin a terminal, then replace YOUR_GITHUB_EMAIL, YOUR_SIGNING_KEY and GPG_BINARY_PATH with your data
[user] name = Xavier Foucrier email = YOUR_GITHUB_EMAIL signingkey = YOUR_SIGNING_KEY [gpg] program = GPG_BINARY_PATH [commit] gpgsign = true
- YOUR_GITHUB_EMAIL: the email address used to login on Github
- YOUR_SIGNING_KEY: the GPG key used to sign commits, should follow the GPG key ID convention, like this example: https://help.github.com/articles/telling-git-about-your-signing-key/#telling-git-about-your-gpg-key-1
- GPG_BINARY_PATH: the GPG binary file path, depending on your Git install and your operating system:
C:\\Program Files\\Git\\usr\\bin\\gpg.exe(can be found using
where gpgin a terminal)
- Mac or Linux:
/usr/local/bin/gpg(can be found using
which gpgin a terminal)
- Enjoy signed commits with your favorite code editor!
Note that you can temporary disable GPG signed commits by setting
gpgsign = falsein your
git config --global commit.gpgsign false
That's all folks!