Scripts to sign and verify Git commits using Minisign
How does it work
Signs the commit object under the given hash and then saves the signature to Git notes. If the commit object with the given hash does not exist, it first tries to unpack
Once you do
git push, you also have to do
git push remote_name refs/notes/commitsto push the notes to the repo.
Fetches commit notes, then extracts the signature from the note of the commit under the given hash, checks if the commit is unpacked, unpacks the commit if needed and then verifies the signature.
Commits are signed using Minisign and signatures are stored in git notes.