[
https://issues.apache.org/jira/browse/FINERACT-2177?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Adam Monsen resolved FINERACT-2177.
-----------------------------------
Fix Version/s: 1.15.0
Resolution: Fixed
> Git signed commits
> ------------------
>
> Key: FINERACT-2177
> URL: https://issues.apache.org/jira/browse/FINERACT-2177
> Project: Apache Fineract
> Issue Type: New Feature
> Components: Security
> Reporter: Valeria Sasvari
> Priority: Trivial
> Fix For: 1.15.0
>
>
> Implement Git signed commits in the Apache Fineract project to enhance the
> security and authenticity of contributions, ensuring that all commits are
> verified and trusted. Following the lead of other Apache Software Foundation
> projects, such as Apache HTTP Server and Apache Kafka which have already
> adopted signed commits we aim to align with this best practice to strengthen
> our security posture.
> Security Benefits:
> * Authenticity: Signed commits ensure that each commit is made by a verified
> contributor, reducing the risk of impersonation.
> * Integrity: Signed commits provide a cryptographic guarantee that the code
> has not been tampered with since it was committed.
> * Trust: By enforcing signed commits, the project can build greater trust
> with its users and contributors, knowing that the codebase is secure and
> verified.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
