Commit signing involves augmenting your a commit with a cryptographically secure digital ‘signature’ to digitally signature to verify that a commit has in fact been made by a specific user. The Git platform can the user claiming to make it. Git platforms supporting this feature will verify that the signature is authentic , and therefore must 've have come from the signatory. Some Git platforms will indicate also provide a visual indication in their user interface that a commit has been signed.

...

See also