name: Commit Signatures
on:
push:
pull_request:
env:
CARGO_TERM_COLOR: always
permissions:
jobs:
signatures:
name: Assert all commits are PGP-signed
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
fetch-depth: 0
- name: Check commit signatures
run: bash contrib/check-signatures.sh