"Require signed commits" not limiting pushing of new code #123808
Unanswered
aviperl-100boulevard
asked this question in
Code Security
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Select Topic Area
Question
Body
I have enabled the "Require signed commits" rule for branches matching the wildcard
*
. When editing the rule, I can see that all my existing branches are in scope. However, when trying to push a code change that is not signed with a gpg key, the push is accepted. This is true if this is the first push of the branch or an update to an existing one.Am I missing something about the intension of the feature? My goal is that developers on the team are not able to push code unless it is verified.
Beta Was this translation helpful? Give feedback.
All reactions