If you do not sign your commits, you deserve to be impersonated. Well, not really, but you get the gi(s)t.

Identity theft is not a joke, Jim.

Pijul decouples your identity from you commits & proves your SSH key ownership. It is a beautiful thing that you can change your name or email & not have to get a force push to update all that info since you are now just identified by the primary key from the identity server. No more worries about being embarrassed by your old Protonmail or GMail account,no more dead names in the commit history, & no care about identity stealing by just changing the config.