Do not sign each commit, all sort of problems will appear later. Also it beats the purpose, if someone has write access to your repository, you have bigger problems. The commits can be signed with tag and they are immutable.
Been using UNIX since the late 80s; Linux since the mid-90s; virtualization since the early 2000s and spent the past few years working in the cloud space.
Location
Alexandria, VA, USA
Education
B.S. Psychology from Pennsylvania State University
Do not sign each commit, all sort of problems will appear later
Really good idea to not make assertions without qualifying them (be that qualifier directly explaining your assertion or, since we've got markdown, here, providing a link to explain why you've made such an assertion).
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
If you sign your commits with a GPG key instead of SSH you will get the [verified] tag.
Do not sign each commit, all sort of problems will appear later. Also it beats the purpose, if someone has write access to your repository, you have bigger problems. The commits can be signed with tag and they are immutable.
Really good idea to not make assertions without qualifying them (be that qualifier directly explaining your assertion or, since we've got markdown, here, providing a link to explain why you've made such an assertion).