coffeechat icon indicating copy to clipboard operation
coffeechat copied to clipboard
verified publisher icon fharper

Add Mike Lyons to people.json

Open mikelyons opened this issue 1 year ago • 6 comments

mikelyons avatar Apr 27 '24 17:04 mikelyons

Oh @mikelyons I missed the fact that your commit isn't signed, can you sign it please? See https://docs.github.com/en/authentication/managing-commit-signature-verification/signing-commits

fharper avatar Apr 27 '24 18:04 fharper

⚠️ This PR contains unsigned commits. To get your PR merged, please sign those commits (git rebase --exec 'git commit -S --amend --no-edit -n' @{upstream}) and force push them to this branch (git push --force-with-lease).

If you're new to commit signing, there are different ways to set it up:

Sign commits with gpg

Follow the steps below to set up commit signing with gpg:

  1. Generate a GPG key
  2. Add the GPG key to your GitHub account
  3. Configure git to use your GPG key for commit signing
Sign commits with ssh-agent

Follow the steps below to set up commit signing with ssh-agent:

  1. Generate an SSH key and add it to ssh-agent
  2. Add the SSH key to your GitHub account
  3. Configure git to use your SSH key for commit signing
Sign commits with 1Password

You can also sign commits using 1Password, which lets you sign commits with biometrics without the signing key leaving the local 1Password process.

Learn how to use 1Password to sign your commits.

Watch the demo

github-actions[bot] avatar Apr 27 '24 18:04 github-actions[bot]

I wont be able to sign the commit in the near-term. What is the purpose of signing the commit? Thanks

mikelyons avatar Apr 29 '24 16:04 mikelyons

I wont be able to sign the commit in the near-term

No worries! You can do it when you have a couple of minutes free, it's quite straigthforward and will be useful if you contribute to other repositories :)

What is the purpose of signing the commit?

It's a best practice for any repositories, mainly to ensure there is no impersonification. There are some horror stories with popular libraries out there. As for this repository, it's way less critical of course, but it ensures nobody is adding someone's else personal information, and since it's standard procedure, usually not an issue.

fharper avatar Apr 29 '24 17:04 fharper

I was able to sign the most recent commit, but it appears that the check is still failing? please advise

mikelyons avatar May 04 '24 16:05 mikelyons

@mikelyons: yeah, the first commit isn't sign. You can amend a previous commit to sign it, or if it's easier for you, you can close this PR and create a new one with just one commit.

fharper avatar May 06 '24 18:05 fharper

I usually don't do that because it's private information, but if you explicitly give me the permission, I can add your information to the list by doing a PR myself.

In the meantime, I'm closing this one: feel free to reopen it if you can fix it by yourself. Add a comment to give me the permission if you want me to do it :)

fharper avatar Oct 02 '24 17:10 fharper