Feature Request: Workflows should have the option for signed commits #5529
nrynss started this conversation in Feature Requests
Replies: 0 comments
The workflow agent currently pushes unsigned commits to the PR branches it opens. This blocks adoption for any team whose GitHub repository has a Require signed commits ruleset on the deploy branch — which is a common SOC 2 / ISO / internal-hardening control.
The Mintlify GitHub App already signs commits made through the web editor (according to Publish changes in the web editor > Commit signing). The workflow agent path doesn't currently extend that behavior, even though it's the same App identity.
Add commit signing to the workflow agent, with the same trust anchor used today by the web editor (the Mintlify GitHub App's signing identity), so workflow PRs satisfy Require signed commits rulesets out of the box.
Why it matters
Today we either disable the ruleset (lowering our security posture) or manually re-commit and sign every workflow PR, which defeats the purpose of the automation.