On Mon, May 25, 2020 at 01:13:16PM -0700, Vagrant Cascadian wrote:
> Wait a minute... you're saying this is something that needs to be
> configured on each committer's machine(s)?

Yes, it was recommended in HACKING and then, after we removed that file, in the Commit Access section of the manual. We try to remind new committers to read these files but maybe we forgot for you.

However, the security model does not depend on either it or on a post-receive server hook. It's simply to prevent mistakes. There are commits in the repo that are unsigned when they should have been signed, and even one commit that is signed but that fails the signature check :/ A simple pre-push hook would have caught that.
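
A sketch of the kind of client-side pre-push hook the message above refers to, added here as an example; it is not part of the original message and is not the project's own hook. The function names are hypothetical, and `git verify-commit` validates against the committer's local GnuPG keyring only, not against any project list of authorized keys.

```shell
#!/bin/sh
# Added example: refuse to push commits that are unsigned or fail verification.
# Install as .git/hooks/pre-push (executable). Git passes $1 = remote name,
# $2 = remote URL, and on stdin one line per ref being pushed:
#   <local ref> <local sha> <remote ref> <remote sha>

is_zero() {   # true for the all-zero object id (SHA-1 or SHA-256 length)
    case "$1" in *[!0]*) return 1 ;; *) return 0 ;; esac
}

# Print the rev-list arguments selecting the commits this push adds for one ref.
push_range() {   # usage: push_range <remote name> <local sha> <remote sha>
    if is_zero "$2"; then
        return 0                                    # ref deletion: nothing to verify
    elif is_zero "$3"; then
        printf '%s --not --remotes=%s\n' "$2" "$1"  # new ref: commits the remote lacks
    else
        printf '%s..%s\n' "$3" "$2"                 # update: commits after the remote tip
    fi
}

check_push() {   # usage: check_push <remote name>   (ref lines on stdin)
    remote=$1
    bad=0
    while read -r local_ref local_sha remote_ref remote_sha; do
        range=$(push_range "$remote" "$local_sha" "$remote_sha")
        [ -n "$range" ] || continue
        # $range is deliberately unquoted: it expands to one or three arguments.
        for commit in $(git rev-list $range); do
            if ! git verify-commit "$commit" >/dev/null 2>&1 </dev/null; then
                echo "pre-push: $commit ($local_ref) is unsigned or fails verification" >&2
                bad=1
            fi
        done
    done
    return "$bad"   # non-zero makes git abort the push
}

# Run only when installed as the hook, so the functions can be sourced elsewhere.
case "$0" in
    *pre-push) check_push "$1" ;;
esac
```

Because the hook runs on the committer's machine and can be skipped with `git push --no-verify`, it catches mistakes only, which matches the message's point that the security model does not depend on it.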