Skip to main content


We *really* need to establish signing commits with a verified key as common practice in software development.

For some critical projects it should probably even be a strict requirement for collaboration 🤔

(for some it already is, but it's still the exception, not the rule)
I'd say "hahaha" in memoriam #Monotone. Unfortunately it was way slower than git for this very specific reason.
there is also a short summary at #mercurial about the problems of #signing in #git (and in general): ther_VCS_Systems" target="_blank" rel="noopener noreferrer">https://www.mercurial-scm.org/wiki/CommitSigningPlan#Comparison_to_Other_VCS_Systems
incidentally I wan't even aware that there was a new #signing extension to #mercurial 😉 thanks 😄
⇧