Hacker News
by ArchOversight 1990 days ago
Unless you are also verifying that the signed commits are from particular users, and don't allow any tooling to create unsigned commits, that might work, but many of the issues we found weren't even about the code itself.