[Feature Request] Support GPG commit signing in sandboxed environment

Resolved 💬 2 comments Opened May 15, 2026 by robotparty Closed Jun 14, 2026

Bug Description
claude code is not able to use GPG for commit signing while sandboxed due to blocked syscalls (on ubuntu).
Since our org requires commit signing and I insist on enabling the sandbox for security reasons, claude cannot make commits for me which slows the workflow down (I have it stage and print a commit message).
This friction for sensitive envs is desirable but it would be nice for claude to be able to sign commits in prescribed situations (as described in settings.json sandbox section), especially for agentic workflows.
One solution (in lieu of adding this feature) might be to run claude code in a container, un-sandboxed, with it's own instance of gpg and it's own keys but obviously that's not as convenient or accessible as the claude code native feature.

Environment Info

  • Platform: linux
  • Terminal: tmux
  • Version: 2.1.142
  • Feedback ID: 7d9cf300-e7cd-4952-9001-3d090537f37e

Errors

[]

View original on GitHub ↗

This issue has 2 comments on GitHub. Read the full discussion on GitHub ↗