此版本的 GitHub Enterprise 将停止服务 2022-02-16. 即使针对重大安全问题,也不会发布补丁。 要获得更好的性能、改进的安全性和新功能,请升级到 GitHub Enterprise 的最新版本。 如需升级方面的帮助,请联系 GitHub Enterprise 支持

Signing commits

You can sign commits locally using GPG or S/MIME.

注: GitHub Desktop 不支持提交签名。

Tips:

To configure your Git client to sign commits by default for a local repository, in Git versions 2.0.0 and above, run git config commit.gpgsign true. To sign all commits by default in any local repository on your computer, run git config --global commit.gpgsign true.

To store your GPG key passphrase so you don't have to enter it every time you sign a commit, we recommend using the following tools:

  • For Mac users, the GPG Suite allows you to store your GPG key passphrase in the Mac OS Keychain.
  • For Windows users, the Gpg4win integrates with other Windows tools.

You can also manually configure gpg-agent to save your GPG key passphrase, but this doesn't integrate with Mac OS Keychain like ssh-agent and requires more setup.

If you have multiple keys or are attempting to sign commits or tags with a key that doesn't match your committer identity, you should tell Git about your signing key.

  1. When committing changes in your local branch, add the -S flag to the git commit command:
    $ git commit -S -m "your commit message"
    # Creates a signed commit
  2. If you're using GPG, after you create your commit, provide the passphrase you set up when you generated your GPG key.
  3. When you've finished creating commits locally, push them to your remote repository on GitHub Enterprise Server:
    $ git push
    # Pushes your local commits to the remote repository
  4. On GitHub Enterprise Server, navigate to your pull request.
  5. 在拉取请求中,单击 Commits(提交)拉取请求上的提交选项卡
  6. To view more detailed information about the verified signature, click Verified. Signed commit

Further reading

此文档对您有帮助吗?

隐私政策

帮助我们创建出色的文档!

所有 GitHub 文档都是开源的。看到错误或不清楚的内容了吗?提交拉取请求。

做出贡献

或者, 了解如何参与。