So 1Password CEO Jeff Shiner just committed code to one of my GitHub repositories. That’s strange. While he’s a developer at heart, I don’t think he gets much time to code these days. What’s going on here? As you might have guessed, this didn’t actually come from Jeff Shiner. In fact, anyone can spoof a Git committer or author name with just a few terminal commands and pretend to be someone else:
![Sign your Git commits with 1Password | 1Password](https://cdn-ak-scissors.b.st-hatena.com/image/square/9df3bda373361ee3aef5fb605f239e46be858456/height=288;version=1;width=512/https%3A%2F%2Fblog.1password.com%2Fposts%2F2022%2Fgit-commit-signing%2Fheader.png)