It depends on the jurisdiction. In the US, copyright assignment is usually permanent. In the EU and Canada, you can claw back your rights to a degree and even revoke the usage altogether, if you manage to claw it back because they did "evil" things with it (moral rights).

In some cases (even in the US), if the employer does something that would be considered a "breach of contract", you can force them to remove all your code as well.

So, it would not be in the company's best interest to scrub their git history.

I think even in the EU and Canada, you don't have any copyright interest in work your perform as part of your employment. The copyright on the work you produce for your employer is entirely theirs, from the moment it is created.

Now, if you're a contractor performing work for a company, this may be quite different. But as an employee, I don't think you have any claim of authorship to the code you right as part of your job.

Look up "moral rights." You have some ability to revoke the usage of your work if it violates moral standards.

Some countries allow authors to transfer/assign or waive asserting their moral rights. Typically (and sensibly) this must be in writing.

> git does allow you to rewrite history arbitrarily.

Technically yes, but the price is too great - everybody who has cloned the repos will now have to nuke their local copies too.

Sure, but the same is true for unsigned commits as well, isn't it? Or can you modify the commit metadata without changing the commit hash in those cases?

> Sure, but the same is true for unsigned commits as well, isn't it?

Yes, I think so. As I understand, GP's idea was to sign your commits proactively.

My question was, is signing the commits really useful? Isn't it just as hard or easy to scrub you from the repo history regardless of whether the commits are signed or not?