Yes, it's so easy with this YK setup that there's no reason not to do it. The only exception is during rebase, but there's an option in GPG to disable signing then.
I sign all my commits so that everyone knows it was most likely me. You can even turn on branch protection in GitHub these days that rejects unsigned commits.
With all due respect, Mr. Torvalds isn't exactly famous for having designed the most secure kernel.
I sign all my commits so that everyone knows it was most likely me. You can even turn on branch protection in GitHub these days that rejects unsigned commits.
With all due respect, Mr. Torvalds isn't exactly famous for having designed the most secure kernel.