David Handermann created NIFI-15377:
---------------------------------------
Summary: Require Signed Commits for main Branch
Key: NIFI-15377
URL: https://issues.apache.org/jira/browse/NIFI-15377
Project: Apache NiFi
Issue Type: Improvement
Components: Tools and Build
Reporter: David Handermann
Assignee: David Handermann
The ASF YAML configuration for the primary project repository should be updated
to require commit signing for the main branch. Requiring commit signing aligns
with the configuration of the NiFi API repository and provides an additional
level of security through signature verification status shown in the GitHub
commit history.
In addition to requiring commit signing, the ASF YAML configuration should be
updated to limit supported merge operations to squash and merge, avoiding the
other options which result in unnecessarily complex commit history.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
