Skip to content

Tweak information regarding the GitHub GPG key #6615

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
May 25, 2021
Merged

Tweak information regarding the GitHub GPG key #6615

merged 2 commits into from
May 25, 2021

Conversation

jernej-9
Copy link
Contributor

@jernej-9 jernej-9 commented May 20, 2021
edited
Loading

Why:

Following the discussion #6444 I had with @felicitymay, this pull request includes changes to information regarding GPG verification that have been discussed in that thread.

What's being changed:

The paragraph with information on GitHub's key that is used to sign web commits has been slightly rearranged to improve readability, and the full fingerprint of the key has been added, which enables everybody to directly verify that the key they downloaded is indeed correct.

Check off the following:

  • I have reviewed my changes in staging (look for the deploy-to-heroku link in your pull request, then click View deployment).
  • For content changes, I have completed the self-review checklist.

I think that for security reasons, before merging in this pull request, it is necessary that at least one, but preferably more GitHub employees check the key fingerprint and explicitly write an approval in this pull request stating that the fingerprint is indeed correct.

@jernej-9
Tweak information regarding the GitHub GPG key
6da1783 
The paragraph is now phrased differently to improve readability by
moving the Codespaces information together, and the full fingerprint of
the key used to sign web commits is added so that users downloading the
key can directly verify that it is correct.
@welcome
Copy link

welcome bot commented May 20, 2021

Thanks for opening this pull request! A GitHub docs team member should be by to give feedback soon. In the meantime, please check out the contributing guidelines.

@github-actions github-actions bot added the triage Do not begin working on this issue until triaged by the team label May 20, 2021
@jernej-9 jernej-9 marked this pull request as ready for review May 20, 2021 14:19
@felicitymay
Copy link
Contributor

Hi again @jernej-9, many thanks for the PR ✨

I think that for security reasons, before merging in this pull request, it is necessary that at least one, but preferably more GitHub employees check the key fingerprint and explicitly write an approval in this pull request stating that the fingerprint is indeed correct.

Thanks for reminding us about this - it's a great point. I'll check on the right people to look at this PR.

@felicitymay felicitymay self-assigned this May 20, 2021
@felicitymay
Copy link
Contributor

You can see a preview of the updated file here: https://docs-6615--tweak-gpg-info.herokuapp.com/en/github/authenticating-to-github/managing-commit-signature-verification/about-commit-signature-verification#about-commit-signature-verification.

@github github deleted a comment May 21, 2021
@janiceilene janiceilene added content This issue or pull request belongs to the Docs Content team waiting for review Issue/PR is waiting for a writer's review and removed triage Do not begin working on this issue until triaged by the team labels May 21, 2021
@felicitymay
Copy link
Contributor

Hi - sorry for the delay in getting back to you. The engineering team has verified that the fingerprint that you've included is correct.

I'm going to update this PR from main and merge your improvements to the article. Thanks for your help ✨

@felicitymay felicitymay enabled auto-merge (squash) May 25, 2021 10:55
@felicitymay felicitymay merged commit c4e1cb7 into github:main May 25, 2021
@github-actions
Copy link
Contributor

Thanks very much for contributing! Your pull request has been merged 🎉 You should see your changes appear on the site in approximately 24 hours. If you're looking for your next contribution, check out our help wanted issues

@jmarshall jmarshall mentioned this pull request May 26, 2021
Merged
5 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@felicitymay felicitymay felicitymay approved these changes

Assignees

@felicitymay felicitymay

Labels
content This issue or pull request belongs to the Docs Content team waiting for review Issue/PR is waiting for a writer's review
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@jernej-9 @felicitymay @janiceilene