Description
A Git signing tool that uses Sigstore for keyless commit and tag signing. It helps developers prove identity through short-lived credentials instead of managing long-lived signing keys manually.
Use it when your project accepts Sigstore-based Git signatures. Signing depends on identity providers, transparency logs, and policy checks, so understand the trust model.