Show HN: signet – code signing tool

Y	Hacker News new \| ask \| show \| jobs

Show HN: signet – code signing tool (github.com)

1 points by arete 1250 days ago

Hello HN, I've built signet, a code signing tool that makes it really easy to sign your git commits and arbitrary files such as build outputs. signet uses OpenSSH's key and signature formats, making it easy to migrate from, or to, ssh-keygen or another compatible tool.

signet runs on Linux, macOS, and Windows. The following commands will create a new signing key and configure git to sign all future commits and tags in the current repository:

  signet init -s
  signet keys -c

  git config user.signingkey <key id>
  git config gpg.format      ssh
  git config gpg.ssh.program signet

  git config commit.gpgsign  true
  git config tag.gpgsign     true

GitHub supports commit signature verification for SSH signatures, just print the public key with `signet keys -p <key id>` and add it to your account, and your signed commits and tags will show up as verified.