well, Isn't it looking cool to see green verified badge? 😜
Besides, it has some good benefits too.
When you commit a change with Git, it accepts as author whatever value you want. This means you could claim to be whoever you want when you create a commit.
That means, in a organisation repository as a one of collaborators I can do a commit in your name by changing git config user.name and git config user.email to yours.
This will not work for his repository because it will ask for authentication but you can do in shared repo and this will raise question to the real author of that commit.
So, Signing your commits will provide you authenticity to your commits. Even in any case of misuse, you can easily prove them that it's not yours. Hope this gives you a good idea about signing git commits.
To check your global config:
> git config -l --global
Here's the interesting article about this.
Now, How to Sign git commits?
This setup needs few installations and configuration. Instead of writing my own article I thought to share a detailed article about it.
Setting up our Git to sign commits
Let me know if you have any questions.
Git commit Standards
I used to follow git commitizen plugin for git commits. but now I follow the same in my own.
<Add><Update><Remove><Feat><Fix>: <JIRA_ID> <one liner commit>
this will give a neat commits in log.