Signing commits is an important step to creating immutable proof of authorship within git. Doing so can improve your audit trail, mitigate risks associated to account takeovers, and protect against insider threats. Please see our blog post on Seal Your Code through Git Commit Signing for more detailed information.