Back to Changelog

Commit signing with SSH keys in Batch Changes (experimental)

No items found.
April 2, 2025

You can now sign commits with SSH keys in Batch Changes - giving enterprise teams a more secure, user-level alternative to GitHub Apps for commit verification. This feature is available in experimental form and currently supports GitHub and GitLab.

To get started, users add a personal access token (PAT) and check a box to enable commit signing. When they do, Sourcegraph generates an SSH key pair, surfaces the public key, and guides users to add it to their code host as a signing key. Site admins can also add PATs, and they function as a global credential to all users who don't set their own.

Once set up, any commit made through Batch Changes will be automatically signed, and GitHub (or GitLab) will display the familiar “Verified” badge on the resulting pull or merge request.

SSH key-based signing is a great fit for orgs that:

• Disallow GitHub Apps or personal access tokens with broad scopes

• Want a clear and secure audit trail on code changes

• Need to enable commit signing at the user level, not just globally

Learn more about commit signing in our docs.

Subscribe for the latest code AI news and product updates
Accelerating how software is built
Features
AI Editor Assistant
Code Search
Agents
Batch Changes
Resources
Documentation
Resource Library
Blog
Changelog
Case Studies
Community
Support Forum
Company
About
Careers
Contact
Handbook
Brand Guide
Pricing
Services
© 2025 Sourcegraph, Inc.
System statusTerms of servicePrivacy policy