We use SSH that verifies in the same way, PGP wouldn't have changed anything, a botched branch rule  on one repo was the gap in preventing the push at all ... and vigilance mode would have flagged it more visibly

We don't distribute binaries that would need a signed hash

justin_shocknet

But isn't PGP-signing commits especially Bitcoin software... like basically mandatory? Your PGP key is basically who you are on the internet.

I Effed around and Found out about Openclaw so You Don't Have to

billytheked

Maybe I'm making assumptions...
But isn't PGP-signing commits especially Bitcoin software... like basically mandatory? Your PGP key is basically who you are on the internet.