This is a preview of our upcoming release. We ❤️ feedback: hello@fluidkeys.com

Fluidkeys

Sign and verify code

With Fluidkeys, signing and verifying commits, tags, releases and binaries is simple. Your team can see that code changes really came from a trusted developer and not a compromised account.

01 sign and verify code

Configure git to sign code

Fluidkeys configures gpg, git and Github to work together seamlessly.

02 configure git to sign code

Verify code with status checks

Use Fluidkeys status check to verify that code was signed by an authorized team member, not just anyone.

03 github fluidkeys status check

Enforce signed code

For extra security, use Github branch protection to block unsigned code from entering the codebase.

04 status checks branch protection

Verify signatures locally

Verify signatures in the normal git log workflow. All the team's keys are download automatically, allowing offline verification.

05 verify git signatures locally