Commitsigs Extension

This extension is not distributed with Mercurial.

Author: Martin Geisler



This extension allows you to digitally sign changesets as you create them. Mercurial already embeds a username in each changeset, but there is nothing that prevents users from impersonating each other since the username is freely configurable. Putting a digital signature into each changeset solves this problem by ensuring that only the owner of the private key could have made the changeset.

The GpgExtension already allows signing of changesets. However, this is done by committing changes to a .hgsigs file in the root of the working copy and so it requires extra changesets to be made. This makes it infeasible to sign all changesets. The .hgsigs file must also be merged like any other file when branches are merged. On the other hand, editing a .hgsigs file makes it possible to sign old changesets after the fact, something which this extension does not support by design.


Configure your .hgrc to enable the extension by adding following lines:

commitsigs = ~/path/to/

You must now choose a signature scheme to use: either gnupg or openssl. The first will use your GPG key to sign changesets, the latter will use a X509 certificate. Please see hg help commitsigs after enabling the extension for details.

Using Hooks

Currently, there are two different hooks you can use to ensure commits pushed to your repository have valid signatures:

To make sure all incoming changesets have valid signatures use the verifyallhook by adding the following lines to your hgrc file:

pretxnchangegroup.verifyall = python:commitsigs.verifyallhook

To ensure at least all incoming changesets denoting heads have valid signatures, use the verifyheadshook:

pretxnchangegroup.verifyheads = python:commitsigs.verifyheadshook


CommitsigsExtension (last edited 2020-07-16 12:13:42 by AndreKlitzing)