Commit signing involves augmenting a commit with a cryptographically secure digital ‘signature’ to verify that a commit has in fact been made by the user claiming to make it. Git platforms supporting this feature will verify that the signature is authentic and therefore must have come from the signatory. Some Git platforms also provide a visual indication in their user interface that a commit has been signed.

See also