
feat: signature verification (GPG, SSH, Sigstore) for commits and tags #44

Status: open. Opened by cole.christensen@gmail.com

Commit and tag objects can carry gpgsig headers today (we preserve them on round-trip), but we don’t verify them. Hosting products show a "Verified" badge.

Scope

  • Sign.verify_commit(repo, sha, trust_root) returns {:verified, key_id} | {:unverified, reason}
  • Support GPG (PGP packets), SSH sigs (RFC 4880-style with git-ssh format), Sigstore/cosign bundles.
  • trust_root is a caller-provided set of keys (or verification callback) — the library doesn’t ship a keyring.
  • Same for tags via the tagger signature field.

Acceptance

  • Verifies a known-good GPG-signed commit produced by git commit -S.
  • Verifies a known-good SSH-signed commit produced by git commit -S with gpg.format=ssh.
  • Rejects tampered payloads.
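Added example, not the project's code: the part of this work that is shared by all three formats, reconstructing the exact bytes the signer signed from a commit object so the caller-supplied trust_root can check them, and why a tampered payload fails. It takes the raw commit object bytes instead of (repo, sha); the function names, the callback shape and the placeholder sample commit are assumptions.

```elixir
defmodule Sign do
  # trust_root: (format, payload, signature) -> {:ok, key_id} | {:error, reason}.
  # It holds the caller's keys and performs the cryptographic check; this module
  # only reconstructs exactly the bytes the signer signed.
  def verify_commit_object(commit_bytes, trust_root) when is_function(trust_root, 3) do
    with {:ok, payload, sig} <- split_signature(commit_bytes),
         {:ok, key_id} <- trust_root.(detect_format(sig), payload, sig) do
      {:verified, key_id}
    else
      {:error, reason} -> {:unverified, reason}
    end
  end

  # Git stores the signature in a `gpgsig` header; its continuation lines begin with
  # one space. The signed payload is the object with that header removed, byte for
  # byte, so a later edit to tree, parent, author or message fails verification.
  def split_signature(bytes) do
    with [header_blob, body] <- :binary.split(bytes, "\n\n") do
      folded =
        header_blob
        |> String.split("\n")
        |> Enum.reduce([], fn
          " " <> cont, [prev | rest] -> [prev <> "\n" <> cont | rest]
          line, acc -> [line | acc]
        end)
        |> Enum.reverse()
      case Enum.split_with(folded, &String.starts_with?(&1, "gpgsig ")) do
        {["gpgsig " <> sig], others} -> {:ok, Enum.join(others, "\n") <> "\n\n" <> body, sig}
        {[], _} -> {:error, :unsigned}
        _ -> {:error, :multiple_signatures}
      end
    else
      _ -> {:error, :malformed_object}
    end
  end

  # The armor prefix picks the verifier; anything else (e.g. a Sigstore bundle)
  # is passed through as :unknown for the trust root to decide.
  def detect_format("-----BEGIN PGP SIGNATURE-----" <> _), do: :gpg
  def detect_format("-----BEGIN SSH SIGNATURE-----" <> _), do: :ssh
  def detect_format(_), do: :unknown

  # Constructed sample commit; the armor body is a placeholder, not a real signature.
  def sample_commit do
    "tree 4b825dc642cb6eb9a060e54bf8d69288fbee4904\n" <>
      "committer A U Thor <author@example.com> 1700000000 +0000\n" <>
      "gpgsig -----BEGIN PGP SIGNATURE-----\n \n UExBQ0VIT0xERVI=\n" <>
      " -----END PGP SIGNATURE-----\n\nInitial commit\n"
  end
end
```

`Sign.split_signature(Sign.sample_commit())` yields the tree/committer/message payload without the gpgsig header plus the re-armored signature; a real trust_root would feed both to the verifier for the detected format (gpg, ssh-keygen -Y verify, or a Sigstore verifier) and map its result to {:ok, key_id} | {:error, reason}.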