SSH commit verification now supported

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com
HacktoberFest Git Signing sigstore

InfluxDB - Power Real-Time Data Analytics at Scale
Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
www.influxdata.com
featured
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
featured

  • gitsign

    Keyless Git signing using Sigstore

    • Shameless plug for the gitsign project in sigstore: https://github.com/sigstore/gitsign

    This isn't supported by GitHub yet but we're hopefully working towards that too.

  • gitlab

    • It seems on GitLab this is being working on in https://gitlab.com/gitlab-org/gitlab/-/issues/343879 with part of the work already merged in https://gitlab.com/gitlab-org/gitlab/-/merge_requests/87962 and https://gitlab.com/gitlab-org/gitlab/-/merge_requests/88693

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

    InfluxDB logo

  • dev-mode

    • Does anybody know if this only verifies _new_ commits? I've been signing my commits with my SSH key for a while, but older commits still show as unverified in the web UI. They show the hash of the public key the commit was signed with, which matches a public key associated with my account in the account settings, but the commit still says "Unverified".

    Example: https://github.com/grncdr/dev-mode/commit/06376070aff042e9d5...

  • git

    A fork of Git containing Windows-specific patches. (by git-for-windows)

    • Signing using SSH keys does not work reliably on Windows: https://github.com/git-for-windows/git/issues/3883

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts

  • A toolbox for a secure software supply chain

    1 project | news.ycombinator.com | 26 Aug 2022

  • Enable Gitsign Today and Start Signing your Commits

    2 projects | dev.to | 25 Aug 2022

  • sigstore/gitsign: Keyless Git signing using Sigstore

    1 project | /r/devopsish | 24 Jun 2022

  • Keyless Git signing with Sigstore!

    2 projects | /r/kubernetes | 23 Jun 2022

  • Gitsign

    7 projects | news.ycombinator.com | 9 Jun 2022