Add commit signing verification to Git pre-commit hook #129

	name: Release
	on:
	push:
	branches:
	- main
	concurrency:
	group: ${{ github.workflow }}-${{ github.ref }}
	env:
	TURBO_TEAM: ${{ vars.TURBO_TEAM }}
	TURBO_TOKEN: ${{ secrets.TURBO_TOKEN }}
	jobs:
	changesets:
	name: Changesets
	runs-on: ubuntu-latest
	outputs:
	should-deploy: ${{ steps.changesets.outputs.hasChangesets == 'false' }}
	permissions: write-all
	steps:
	- name: Checkout repository
	uses: actions/checkout@v4.1.7
	with:
	fetch-depth: 0
	- name: Setup Node.js
	uses: actions/setup-node@v4.0.3
	with:
	cache: yarn
	node-version-file: .node-version
	- name: Install Node.js dependencies
	run: yarn install
	- name: Build packages
	run: yarn turbo run build
	- name: Import GPG key
	uses: crazy-max/ghaction-import-gpg@v6.1.0
	with:
	git_commit_gpgsign: true
	git_user_signingkey: true
	gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
	- name: Setup Git user
	run: \|
	git config --global user.email org@spear.ai
	git config --global user.name org-spear-ai
	- name: Authenticate with NPM
	env:
	NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
	run: npm config set //registry.npmjs.org/:_authToken=$NPM_TOKEN
	- name: Authenticate with GitHub Packages
	env:
	GITHUB_TOKEN: ${{ secrets.GH_TOKEN }}
	run: npm config set //npm.pkg.github.com/:_authToken=$GITHUB_TOKEN
	- id: changesets
	name: Run Changesets — Create a Release Pull Request or merge a Release Pull Request
	uses: changesets/action@v1.4.7
	env:
	GITHUB_TOKEN: ${{ secrets.GH_TOKEN }}
	NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
	with:
	title: Release 🚀
	version: yarn run version
	commit: Release 🚀
	publish: yarn run publish-packages
	setupGitUser: false

Provide feedback