Hacker News new | past | comments | ask | show | jobs | submit login

Always sign your commits! gpg is a pain but once you set it up you never have to think about it again.



or don't sign your commits and then you have plausible deniability about commits in your name


Yeah and leave your wifi open so that you have plausible deniability for downloading CP.


You can use ssh keys to sign commits too, since git version some-time-last-year. GitHub should have support for it sometime this month (not that this is required to verify signatures).




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: