feat: add signed commits capability

[hugodocto]

This PR adds the signing commits feature to Goreleaser.

---

This change is being made in an attempt to guarantee that commits are not altered and are coming from a trusted source. This would allow organisations to enforce Github signed commits on repository in a safe manner.

[Copilot]

Pull Request Overview

This PR introduces signed commit capabilities into goreleaser to ensure commits are verified and come from trusted sources.

• Adds a new CommitSigning configuration struct and integrates it into CommitAuthor.
• Updates the Get and Default functions to support templating for signing configuration.
• Adds new tests in author_test.go and git_test.go and adjusts git client configuration to apply signing flags.

Reviewed Changes

Copilot reviewed 5 out of 5 changed files in this pull request and generated no comments.

Show a summary per file

File	Description
pkg/config/config.go	Adds CommitSigning struct with signing options and integrates it with CommitAuthor configuration.
internal/commitauthor/author_test.go	Introduces tests validating commit signing behavior and error handling for misconfigured templates.
internal/commitauthor/author.go	Updates Get and Default functions to support templating and defaulting of signing parameters.
internal/client/git_test.go	Adds tests ensuring git client correctly applies signing configuration and behavior.
internal/client/git.go	Modifies git commands to conditionally enable commit signing and apply related configuration flags.

[codecov]

Codecov Report

Attention: Patch coverage is 90.00000% with 4 lines in your changes missing coverage. Please review.

Project coverage is 82.73%. Comparing base (8180429) to head (dc50ccc).
Report is 14 commits behind head on main.

Files with missing lines	Patch %	Lines
internal/commitauthor/author.go	85.00%	2 Missing and 1 partial ⚠️
internal/client/git.go	95.00%	0 Missing and 1 partial ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #5820      +/-   ##
==========================================
+ Coverage   82.66%   82.73%   +0.07%     
==========================================
  Files         164      164              
  Lines       16445    16496      +51     
==========================================
+ Hits        13594    13648      +54     
+ Misses       2258     2256       -2     
+ Partials      593      592       -1     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[caarlos0]

hey, thanks for the PR!

looking good so far, only missing piece (I think) is to update docs at www/docs/includes/repository.md

[hugodocto]

hey @caarlos0 , glad to hear that! I'll update the doc asap and put the PR as "ready for review"

[vedantmgoyal9]

• resolves Support commit signing for homebrew taps (and maybe other platforms too) #4616 🎉🎉🎉

[hugodocto]

hey @caarlos0, any news regarding this PR?

[caarlos0]

minor docs adjustments, LGTM otherwise!

thanks and sorry for the delay reviewing <3

[caarlos0]

Suggested change

	# Git commit author used to commit to the repository.
	# Templates: allowed.
	# Git commit author used to commit to the repository.
	#
	# <!-- md:inline_version v2.11 -->

[hugodocto]

o/

I pushed changes that should fix your comments; I did not "Commit suggestions" because I wasn't sure if you'll be able to approve if you co-authored the changes 🤷

No worries about the delays 😉

[caarlos0]

Thank you! <3