Gpg signature support for JGIT
1 answer
JGit has a task to implement signed commits . Most of them, but at least the cryptographic provider dependency task is also needed for signed tags.
I suggest you run git as a new process to modify an existing commit with a signature or to create a new signed tag. JGit has no problem making commits or tags.
(Note: Gaining security through automatic signature generation that you would not have without a signature is unlikely.)
+3
source to share