@@ -1117,10 +1117,7 @@ When you enable commit signing in Gitaly:
...
@@ -1117,10 +1117,7 @@ When you enable commit signing in Gitaly:
- GitLab signs all commits made through the UI.
- GitLab signs all commits made through the UI.
- The signature verifies the committer's identity, not the author's identity.
- The signature verifies the committer's identity, not the author's identity.
- GitLab uses these default values for the committer:
- You can configure Gitaly to reflect that a commit has been committed by your instance by setting `committer_email` and `committer_name`. For example, on GitLab.com these configuration options are set to `noreply@gitlab.com` and `GitLab`.
- Email: `noreply@gitlab.com`
- Name: `GitLab`
`rotated_signing_keys` is a list of keys to use for verification only. Gitaly tries to verify a web commit using the configured `signing_key`, and then uses
`rotated_signing_keys` is a list of keys to use for verification only. Gitaly tries to verify a web commit using the configured `signing_key`, and then uses
the rotated keys one by one until it succeeds. Set the `rotated_signing_keys` option when either:
the rotated keys one by one until it succeeds. Set the `rotated_signing_keys` option when either:
@@ -18,7 +18,6 @@ title: Signed commits from the GitLab UI
...
@@ -18,7 +18,6 @@ title: Signed commits from the GitLab UI
- Displaying **Verified** badge for signed GitLab UI commits [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/124218) in GitLab 16.3 [with a flag](../../../../administration/feature_flags.md) named `gitaly_gpg_signing`. Disabled by default.
- Displaying **Verified** badge for signed GitLab UI commits [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/124218) in GitLab 16.3 [with a flag](../../../../administration/feature_flags.md) named `gitaly_gpg_signing`. Disabled by default.
- Verifying the signatures using multiple keys specified in `rotated_signing_keys` option [introduced](https://gitlab.com/gitlab-org/gitaly/-/merge_requests/6163) in GitLab 16.3.
- Verifying the signatures using multiple keys specified in `rotated_signing_keys` option [introduced](https://gitlab.com/gitlab-org/gitaly/-/merge_requests/6163) in GitLab 16.3.
-`gitaly_gpg_signing` feature flag [enabled by default](https://gitlab.com/gitlab-org/gitaly/-/merge_requests/6876) on GitLab Self-Managed and GitLab Dedicated in GitLab 17.0.
-`gitaly_gpg_signing` feature flag [enabled by default](https://gitlab.com/gitlab-org/gitaly/-/merge_requests/6876) on GitLab Self-Managed and GitLab Dedicated in GitLab 17.0.
- Default values for `committer_name` and `committer_email` fields [introduced](https://gitlab.com/gitlab-org/gitaly/-/merge_requests/7620) GitLab 17.10.
{{</history>}}
{{</history>}}
...
@@ -55,8 +54,7 @@ Before you can use commit signing for GitLab UI commits, you must
...
@@ -55,8 +54,7 @@ Before you can use commit signing for GitLab UI commits, you must
## Committer field of the commits
## Committer field of the commits
In Git, commits have both an author and a committer.
In Git, commits have both an author and a committer.
For web commits, the `Committer` field is configurable.
For web commits, the `Committer` field is configurable. To update this field, see
By default it is set to `GitLab <noreply@gitlab.com>`. To update this field, see
[Configure commit signing for GitLab UI commits](../../../../administration/gitaly/configure_gitaly.md#configure-commit-signing-for-gitlab-ui-commits).
[Configure commit signing for GitLab UI commits](../../../../administration/gitaly/configure_gitaly.md#configure-commit-signing-for-gitlab-ui-commits).
GitLab provides multiple security features that rely on the `Committer` field to be set to the user who creates the commit.
GitLab provides multiple security features that rely on the `Committer` field to be set to the user who creates the commit.
