Versions:
smimesign is a lightweight S/MIME signing utility published by GitHub, Inc. that enables developers to cryptographically sign Git commits and tags with X.509 certificates instead of the more common GPG/PGP workflow. Designed for enterprise environments where centralized certificate authorities already issue and manage user credentials, the tool plugs directly into Git’s native gpg.program interface so no extra client configuration is required beyond pointing Git at the smimesign executable. Once installed, any standard git commit -S or git tag -s command transparently invokes smimesign to produce PKCS#7 detached signatures that are embedded in the repository history; recipients can later verify authenticity with git log --show-signature or git verify-commit by relying on the OS-trusted certificate store rather than a personal web-of-trust keyring. Typical use cases include organizations that mandate S/MIME for all code-signing operations, teams that wish to reuse existing corporate ID certificates for Git, and CI pipelines that must automatically sign releases without exposing private GPG keys. The current stable release is version 0.2.0, representing the second public iteration after the initial launch, and both versions remain available for compatibility testing. Because the utility is cross-platform and open-source, it integrates equally well on Windows, macOS, and Linux runners, making it a pragmatic drop-in replacement for GPG when X.509 infrastructure is already in place. smimesign is available for free on get.nero.com, with downloads provided via trusted Windows package sources (e.g. winget), always delivering the latest version, and supporting batch installation of multiple applications.
Tags: