create-github-app-token icon indicating copy to clipboard operation
create-github-app-token copied to clipboard

Published 20 hours ago verified publisher icon actions

Request to enable commit signature verification for repository

Open a-coggins opened this issue 3 months ago • 1 comments

Hello,

This repository currently does not use verified commits. For organizations with strict supply chain security policies—including ours—this presents a compliance issue. We require all GitHub Actions dependencies to originate from repositories with verified commits to ensure integrity and traceability.

Please consider enabling commit signing for this repository.

Thank you.

a-coggins avatar Aug 07 '25 11:08 a-coggins