Next.js starter your AI actually understands. Ship internal tools in days not weeks. Pre-order $199 $499 → [Get it now]

How to verify signed commits in Git

Łukasz Holeczek Łukasz Holeczek
calendar Thursday, December 18, 2025
#git #gpg #security #commit-signing

Verifying signed commits ensures the authenticity of code contributions and maintains security in collaborative projects. As the creator of CoreUI, a widely used open-source UI library, I’ve enforced commit signing in enterprise repositories throughout my 25 years of development experience. The most straightforward method is using git log --show-signature to display GPG signature verification status for each commit. This approach provides clear indication of whether commits are properly signed and verified.

Use git log with the –show-signature flag to verify signed commits.

git log --show-signature

Here the --show-signature flag displays GPG signature information for each commit in the log. Verified commits show “Good signature from” followed by the signer’s name and email. Unverified or unsigned commits display either no signature information or “Bad signature” warnings. You can also use git verify-commit <commit-hash> to check a specific commit’s signature validity.

Best Practice Note:

This is the same verification process we recommend for CoreUI enterprise projects requiring strict code authenticity. Configure Git to reject unsigned commits in protected branches using server-side hooks, and ensure all team members have properly configured GPG keys to maintain consistent signing across the repository.

Speed up your responsive apps and websites with fully-featured, ready-to-use open-source admin panel templates—free to use and built for efficiency.

Free Angular Admin Template
Angular
Free Bootstrap Admin Template
Bootstrap
Free React.js Admin Template
React Logo
React.js
Free Vue.js Admin Template
Vue.js

About the Author

Łukasz Holeczek

Łukasz Holeczek, Founder of CoreUI, is a seasoned Fullstack Developer and entrepreneur with over 25 years of experience. As the lead developer for all JavaScript, React.js, and Vue.js products at CoreUI, they specialize in creating open-source solutions that empower developers to build better and more accessible user interfaces.

With expertise in TypeScript, JavaScript, Node.js, and modern frameworks like React.js, Vue.js, and Next.js, Łukasz combines technical mastery with a passion for UI/UX design and accessibility. CoreUI’s mission is to provide developers with tools that enhance productivity while adhering to accessibility standards.

Łukasz shares its extensive knowledge through a blog with technical software development articles. It also advises enterprise companies on building solutions from A to Z. Through CoreUI, it offers professional services, technical support, and open-core products that help developers and businesses achieve their goals.

Learn more about CoreUI’s solutions and see how your business can benefit from working with us.
Subscribe to our newsletter
Get early information about new products, product updates and blog posts.
How to show or hide elements in React? A Step-by-Step Guide.
How to show or hide elements in React? A Step-by-Step Guide.
calendar Thursday, November 7, 2024
How to Choose the Best Bootstrap Admin Template in 2026: Complete Buyer's Guide
How to Choose the Best Bootstrap Admin Template in 2026: Complete Buyer's Guide
calendar Thursday, January 15, 2026
What Does javascript:void(0) Mean?
What Does javascript:void(0) Mean?
calendar Tuesday, June 4, 2024
How to Add a Tab in HTML
How to Add a Tab in HTML
calendar Saturday, March 1, 2025

Answers by CoreUI Core Team

How to deploy Angular app to Azure
How to use dependency injection in Angular
How to use transition-group in Vue
How to use modules in JavaScript
How to upload files in Node.js
How to deploy a React app to GitHub Pages