re: ​Linus Torvalds takes a break from Linux VIEW POST

TOP OF THREAD FULL DISCUSSION
re: GPG sign their commits? For what purpose? Be aware that I do understand what the whole GPG toolset can do and for what reason. I just don't see the...

For what purpose?

Our customers want the appearance of traceability/non-repudiation.

It will be more difficult to start contributing as a new member on the team = it will be longer until they start delivering value.

It's literally a five-minute setup task.

It will be a constant annoyance to have to GPG sign your commits,

Have you ever actually taken the five minutes needed to set up git for commit-signing?? gpg-agent and similar tools make signing commits — whether you're a multiple-times-per hour or a "once at the end of the day" type of committer — pretty much transparent. Enter the key's password into the key-agent once during the session and that's it for the day.

code of conduct - report abuse