Skip to main content

此版本的 GitHub Enterprise 已停止服务 2022-10-12. 即使针对重大安全问题,也不会发布补丁。 为了获得更好的性能、更高的安全性和新功能,请升级到最新版本的 GitHub Enterprise。 如需升级帮助,请联系 GitHub Enterprise 支持

Displaying verification statuses for all of your commits

You can enable vigilant mode for commit signature verification to mark all of your commits and tags with a signature verification status.

Note: Vigilant mode is currently in beta and subject to change.

About vigilant mode

When you work locally on your computer, Git allows you to set the author of your changes and the identity of the committer. This, potentially, makes it difficult for other people to be confident that commits and tags you create were actually created by you. To help solve this problem you can sign your commits and tags. For more information, see "Signing commits" and "Signing tags." GitHub marks signed commits and tags with a verification status.

By default commits and tags are marked "Verified" if they are signed with a GPG or S/MIME key that was successfully verified. If a commit or tag has a signature that can't be verified by GitHub, we mark the commit or tag "Unverified." In all other cases no verification status is displayed.

However, you can give other users increased confidence in the identity attributed to your commits and tags by enabling vigilant mode in your GitHub settings. With vigilant mode enabled, all of your commits and tags are marked with one of three verification statuses.

Signature verification statuses

部分验证提交已签名,签名已成功验证,但提交的作者:a) 不是提交者,并且 b) 已启用警戒模式。 在这种情况下,提交签名并不保证作者的同意,� 此提交只得到部分验证。
- 提交已签名,但签名� 法验证。
- 提交未签名,并且提交者已启用警戒模式。
- 提交未签名,并且创建者已启用警戒模式。

You should only enable vigilant mode if you sign all of your commits and tags and use an email address that is verified for your account on GitHub Enterprise Server as your committer email address. After enabling this mode, any unsigned commits or tags that you generate locally and push to GitHub will be marked "Unverified."

您可以在 GitHub Enterprise Server 上检查已签名提交或� �记的验证状态,并查看提交签名未验证的原� 。 有关详细信息,请参阅“检查提交和� �记签名验证状态”。

Enabling vigilant mode

  1. 在任何页面的右上角,单击个人资料照片,然后单击“设置”。

    用户� �中的 Settings 图� �

  2. In the user settings sidebar, click SSH and GPG keys. Authentication keys

  3. On the SSH Settings page, under "Vigilant mode," select Flag unsigned commits as unverified.

    Flag unsigned commits as unverified checkbox