Sign your Git commit with a PGP key
Use your PGP keys from your YubikeyAuthenticity is a psychological and philosophical concept. According to existential philosophy, the lack of authenticity is a sign of lack of trustworthiness.
We should not only be authentic in what we do, but also in what we produce.
In early 2021, a software was reported to have malicious code introduced through changes made by well known developers. In this particular case, the changes were noticed in time, but that was rather lucky.
Conditional Git Config
Those who can't use their head must use their ... profile!You have once again committed with your private mail address in a repo where you should actually use your company profile?
Does this sound familiar to you?
I know this only too well, sometimes noticed early enough but mostly my private profile ends up in the commit!
So if we can’t manage to remember to use the right config by ourselves, then this must happen automatically.