Forum Discussion
joshmock
2 years agoNew Contributor
I think they're hoping everyone storing PGP keys is using them for signing commits and as people discover it can be done with SSH, they'll give up asking for the feature.
I use GPG for more than just commit signing. Many CLI-based tools use GPG keys to encrypt secrets at rest, so that you can be prompted for your GPG passphrase at decrypt time rather than implementing some other standalone encryption scheme.
For example, https://www.passwordstore.org/ is used by my terminal email client to store my email account's password, which it encrypts using my GPG key.