This is cool. A few years ago l, all my commits had a start of day timestamps but pgp signing yubikey and qubes proxy got in the way so I stopped.
Just presented my 2 hr hackathon project at #btcpp privacy edition, Riga!
https://github.com/feuplebian/git-futz
With the recent attacks on developers of cypherpunk software bythe state and other malicious actors, developer privacy is becoming more important.
So I developed a command-line tool to fuzz location and time information from your unpublished git commit messages before you push your commits to a public branch.
Comments and suggestions welcome :)
Discussion
Thanks for bringing up signing. That's indeed another source of privacy leak. I'll have to think about how to approach this :)
I think what we need is unattended signing, or probably more likely, batch signing (sign once no matter how many commits) 🤔