By Stephan Schulze
Did you know that you can easily sign your GitHub commits with a GPG key?
Simply add the parameter -S to your git command:
git commit -S -m your message
The result will look like this:
Now, you might ask yourself: Why should I care about signing my GitHub commits? GitHub allows setting up the name and e-mail address of a commit’s author by configuration. This means that anyone could potentially use your e-mail address to commit changes to a repository. Signing your commits with a GPG key will verify you as the genuine author and thereby prevent abuse of your e-mail address and accordingly your identity.
Click here for a more detailed explanation of how to add a GPG key to your GitHub account.