15 repository-uri
Mechanisms for cryptographically signing commits to verify identity and ensure repository integrity.
Distinct from Commit History Management: Distinct from general commit history management: focuses specifically on cryptographic verification via GPG/SSH.
Explore 15 awesome GitHub repositories matching devops & infrastructure · Commit Signing. Refine with filters or upvote what's useful.
Gitui is a terminal user interface and repository manager built with Rust. It provides a keyboard-driven visual environment for performing version control operations without the need to type manual command line arguments. The application enables the management of Git branches, commits, and remote synchronization, alongside capabilities for stashing temporary work and managing submodules. It includes support for GPG commit signing to verify identity through cryptographic signatures. Users can customize the experience through keyboard shortcut rebinding and visual theme adjustments. The interf
Supports cryptographically signing commits using GPG to verify contributor identity.
GitUI is a terminal-based interface for managing Git repositories, providing an interactive environment for executing version control operations, inspecting commit logs, and navigating file hierarchies. It functions as a keyboard-driven client that allows users to stage changes, manage branches, and review project history directly from the command line. The application distinguishes itself through a focus on interface responsiveness and user-defined workflows. It utilizes background thread offloading and asynchronous data caching to maintain performance during complex operations, while offeri
Provides cryptographic commit signing via GPG and SSH to verify identity and ensure version control history integrity.
This project is a comprehensive, curated directory of static analysis, linting, and security scanning utilities. It serves as a central resource for developers to discover, compare, and select tools based on specific programming languages, licensing models, and integration requirements. The directory distinguishes itself by providing deep metadata for each listed utility, including community-driven popularity rankings, maintenance status, and deployment methods. By aggregating these tools into a single searchable index, it enables teams to identify solutions for enforcing coding standards, ma
Ensures commit authenticity by applying cryptographic signatures to automated code changes.
This project is a comprehensive hardware security guide for using YubiKey tokens to manage encryption, digital signatures, and secure authentication. It provides technical instructions for configuring hardware security modules to handle digital identity and cryptographic materials. The documentation focuses on the implementation of OpenPGP and SSH workflows, specifically covering the creation of master key hierarchies, the rotation of subkeys, and the use of hardware-backed keys for secure shell connections. It also details methods for verifying code authorship through signed Git commits and
Enables the verification of code authorship by signing Git commits and tags with hardware-backed keys.
Ungit is a web-based graphical interface and version control client for managing Git repositories. It provides a visual dashboard for performing version control operations, staging changes, and committing files without using a terminal. The project integrates third-party merge utilities to resolve file conflicts and includes a system for signing and verifying the authenticity of code contributions using PGP encryption keys. The interface maintains synchronization with the local filesystem by monitoring directory changes in real time to update the repository state. It interfaces with the unde
Implements cryptographic signing of commits to verify contributor identity using PGP keys.
bup is a deduplicating backup manager and incremental backup system. It uses a Git packfile-based storage format to eliminate redundant data across files and versions, treating every incremental save as a full backup. The system provides secure remote transport interfaces for transferring and managing backup data on remote servers via SSH. It also includes a backup repository browser available as both a web interface and a filesystem mount for exploring and retrieving files from snapshots. The project covers broad capability areas including disaster recovery, repository administration, and s
Ensures that repositories containing cryptographically signed commits can be processed without data loss or failure.
Sapling is a scalable version control system designed to handle repositories with millions of files and commits, making it suitable for large monorepos. It reads and writes Git repositories natively, maintaining full interoperability with Git remotes and standard workflows, and provides an interactive commit graph for exploring repository history and state. The system uses a bookmark-based branching model that eliminates named branches in favor of lightweight, movable labels for commits. It tracks how each commit was created, amended, rebased, or split through commit-graph-based mutation trac
Attaches cryptographic signatures to commits using GPG, SSH, or X.509 backends.
Flux is a Kubernetes GitOps controller and deployment engine that synchronizes cluster state with configurations stored in a Git repository. It serves as a system for continuous delivery, utilizing a manifest generator to create configuration files from templates and a reconciliation loop to ensure the live environment matches the desired state defined in versioned repositories. The project distinguishes itself through a container image automator that scans registries and updates manifests based on semantic versioning or regular expressions. It incorporates secure configuration deployment via
Applies GPG keys to automated commits to create a verifiable audit trail of system changes.
This project is a comprehensive guide to Git version control standards and best practices. It provides a set of instructions for writing professional commit messages and managing repository history to ensure project maintainability. The documentation covers the standardization of commit messages through specific rules for mood, capitalization, and structural separation of subjects and bodies. It also includes guidelines for composing pull request summaries and cover letters to provide maintainers with necessary technical context and logic. The guide extends to repository security and history
Explains how to sign commits and validate origins to prevent unauthorized changes.
Requires signed-off-by lines on commits to certify legal origin of contributions.
Apache NiFi is a flow-based programming platform that enables the visual design, monitoring, and management of data pipelines. At its core, it provides a web-based visual dataflow designer where users build directed graphs of processors to route, transform, and mediate data movement between any source and destination without writing custom code. The system records fine-grained data provenance for every data item from ingestion to delivery, supporting audit, debugging, and replay of data lineage. The platform distinguishes itself through a zero-master cluster architecture that distributes proc
Requires each commit to be signed to verify authorship before the patch is merged into the project.
itpol is a framework for cryptographic key management, digital signature policies, and security hardening. It provides an IT policy template library and infrastructure access frameworks to establish organizational security guidelines and governance. The project focuses on cryptographic identity management through the use of PGP and SSH keys, alongside a security hardening guide for workstations. It defines standards for software supply chain security, specifically regarding the signing of code commits and software releases to ensure provenance. The system covers a broad range of security cap
Defines a policy for cryptographically signing Git commits and tags to verify code provenance.
This project is a native implementation of the Git version control system for Go applications. It provides a programmable API and a low-level plumbing toolset that allows developers to manage repositories, manipulate object graphs, and perform version control operations without requiring external system binaries or C bindings. The library is distinguished by its flexible storage and network layers, featuring a virtual file system that enables in-memory repository management to bypass disk I/O. It supports pluggable network transports and interface-based storage backends, allowing for custom p
Provides mechanisms for cryptographically signing commits to verify author identity and ensure integrity.
Flipt is a Git-native feature management platform and enterprise feature toggle server. It uses Git repositories as the primary source of truth for feature flag configurations, implementing a GitOps workflow where application functionality is controlled through version control. The system distinguishes itself by utilizing pull requests and code reviews for configuration changes and providing a vendor-neutral evaluation protocol to ensure consistent behavior across different management tools. It supports air-gapped operations with offline license validation for secure, internet-isolated enviro
Requires digital signatures on version control commits to ensure the authenticity of configuration changes.
This is an asynchronous Swift client library for calling OpenAI’s API across Apple platforms. It provides native access to chat completions, image generation and editing, speech synthesis and transcription, text embeddings, and content moderation through a single interface built on Swift’s async-await concurrency model. The client supports structured output generation by constraining model responses to a provided JSON schema, and enables real-time consumption of generated text through streaming responses delivered as an AsyncSequence. It includes a thread-based conversation model for managing
Rejects any commit that is not cryptographically signed, ensuring the identity of the author.