Commit signing with SSH keys in Batch Changes (experimental)
Experimental support for SSH key–based commit signing in Batch Changes is now available for GitHub and GitLab.
You can now sign commits with SSH keys in Batch Changes - giving enterprise teams a more secure, user-level alternative to GitHub Apps for commit verification. This feature is available in experimental form and currently supports GitHub and GitLab.
To get started, users add a personal access token (PAT) and check a box to enable commit signing. When they do, Sourcegraph generates an SSH key pair, surfaces the public key, and guides users to add it to their code host as a signing key. Site admins can also add PATs, and they function as a global credential to all users who don't set their own.