Happy that this finally shipped. I almost unsubscribed from the feature request discussion for this, even though I wanted to keep up with the status. The team ended up delayed shipping this feature and people are apparently unable to refrain from asking for status updates.
Yeah the constant “hey when is this happening” questions were unhelpful. The team did give periodic updates on the delays, along with confirmation that it was being actively worked on, and estimates of when it may be done, which is more than a lot of organizations give for new features.
I agree, the team did a great job on their part. :)
I found the documentation for this feature to be obscure and opaque. Took me 15 minutes of browsing to find all the necessary steps and, once I realized how difficult it was to implement, I gave up.
For one, it does not work with the default macOS 12.3 git.
I found this article quite helpful. You can see the changes to my dotfiles based on this here, in case that helps. In my case I use two computers with different SSH keys, so I also made some changes to support custom Git configurations, but you can skip past that if not needed.
That blog post is 100x better than the github blog post or its linked documentation.
Aww, thanks Mike.
Thank you, pushed my first verified commit on GitHub today thanks to your easy walkthru.
Seems clear enough to me. Use ssh-agent (if you don’t already; a lot of devs already need it for other reasons). Add two lines of config to tell git that your signing method is SSH and which key to use. Tell GitHub the key too so it can validate. Add -S to some commands or turn on an “always sign” config option.
But yes, it does require a version of git that’s less than a year old. It’s a new feature.
It’s worth noting that signing with SSH keys is very easy to use. It’s enough to have OpenSSH installed. E.g. to sign a file (1):
ssh-keygen -Y sign -f ~/.ssh/id_ed25519 -n file file_to_sign