There's a new ci action for PRs to check that new commits are signed.
All committers already have PGP/GPG keys, so just make sure you're also
signing commits. You can add this to your ~/.gitconfig (or equivalent) to
do it automatically:
[commit]
gpgSign = true
Upload your public key to github <https://github.com/settings/keys> to make
the verified badges green.
More info: FINERACT-2177
<https://issues.apache.org/jira/browse/FINERACT-2177>, PR #5431
<https://github.com/apache/fineract/pull/5431>.
Hints: 1) try it locally before pushing. 2) have git run it for you: Create
.git/hooks/pre-push with:
#!/bin/sh
scripts/verify-signed-commits.sh --strict
Be sure to make that script executable.
--
Adam Monsen
Software Engineer » Mifos Initiative
Release Manager » Apache Fineract
Author » Steadfast Self-Hosting
PGP key » 0xA9A14F22F57DA182
