I found this thread where Linus describes his opinion about auto-sign commits. But I'm not really sure I understood his point correctly... For me it sounds more that he argues for a different use case: the verification of the integrity of a release (git tags) or entire project. For me it's more about verifying the authorship of single commits.
Thank you Anthony for your suggestion!
I found this thread where Linus describes his opinion about auto-sign commits. But I'm not really sure I understood his point correctly... For me it sounds more that he argues for a different use case: the verification of the integrity of a release (git tags) or entire project. For me it's more about verifying the authorship of single commits.
Updated link web.archive.org/web/20210412010515...