Showing content from https://github.com/github/feedback/discussions/7744 below:

Allow using SSH keys to sign commits · community · Discussion #7744 · GitHub

If git log and git show break, that's a bug in Git, not GitHub.

Besides, the error message seems to indicate that you'll just have to create an empty file, configure Git to read it and then it'll work, but Git will show unverified commits - just as it does if you haven't imported the authors' GPG keys.

$ git verify-commit HEAD
gpg: Signature made Wed Aug 17 08:29:23 2022 UTC
gpg:                using RSA key 4AEE18F83AFDEB23
gpg: Can't check signature: No public key

You should not trust commits just because Git can display their signature. For it to be worth anything you must verify that the signature was made with a key that you trust.

git log --pretty="format:%GK" does not verify the signatures, it just shows which key was used to sign. You want git log --pretty="format:%G?" which prints an E if the signature could not be verified.

After importing and trusting GitHub's web-flow GPG key and then trying again I now get this:

$ git verify-commit HEAD
gpg: Signature made Wed 17 Aug 2022 10:29:23 CEST
gpg:                using RSA key 4AEE18F83AFDEB23
gpg: checking the trustdb
gpg: marginals needed: 3  completes needed: 1  trust model: pgp
gpg: depth: 0  valid:   2  signed:   7  trust: 0-, 0q, 0n, 0m, 0f, 2u
gpg: depth: 1  valid:   7  signed:   0  trust: 2-, 0q, 0n, 2m, 3f, 0u
gpg: Good signature from "GitHub (web-flow commit signing) <noreply@github.com>" [full]
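
The difference between %GK (which key signed) and %G? (whether the signature verified), shown as an added example that is not part of the original post. The function name, the TRUSTED_KEYS allowlist variable, the sample commit hashes and the second key ID are assumptions made for illustration.

```sh
#!/bin/sh
# Added example (not from the original post). Reads lines of the form
#   <commit> <status> <key>
# as printed by: git log --pretty='format:%H %G? %GK'
# TRUSTED_KEYS is an assumed allowlist of key IDs you have verified yourself.
TRUSTED_KEYS="${TRUSTED_KEYS:-4AEE18F83AFDEB23}"

audit_signatures() {
    sig_rc=0
    # "format:" omits the final newline, so also accept an unterminated last line.
    while read -r commit status key || [ -n "$commit" ]; do
        [ -n "$commit" ] || continue
        case "$status" in
            G)  # good signature; still require the key to be on the allowlist
                case " $TRUSTED_KEYS " in
                    *" $key "*) echo "OK $commit $key" ;;
                    *) echo "UNLISTED $commit $key"; sig_rc=1 ;;
                esac ;;
            U) echo "UNTRUSTED $commit $key"; sig_rc=1 ;;  # good, validity unknown
            E) echo "UNCHECKED $commit $key"; sig_rc=1 ;;  # e.g. no public key
            N) echo "UNSIGNED $commit"; sig_rc=1 ;;
            B) echo "BAD $commit $key"; sig_rc=1 ;;
            X|Y|R) echo "EXPIRED_OR_REVOKED $commit $key"; sig_rc=1 ;;
            *) echo "UNKNOWN $commit $status"; sig_rc=1 ;;
        esac
    done
    return "$sig_rc"
}

# Constructed sample input: hashes and the second key ID are made up.
sample_log() {
    printf '%s\n%s\n%s\n%s' \
        'aaaa111 G 4AEE18F83AFDEB23' \
        'bbbb222 E 4AEE18F83AFDEB23' \
        'cccc333 N' \
        'dddd444 G 1111222233334444'
}

# Demo: sh audit.sh --demo
# Real use: git log --pretty='format:%H %G? %GK' | audit_signatures
if [ "${1:-}" = "--demo" ]; then
    sample_log | audit_signatures
fi
```

The function exits non-zero as soon as any commit is not both verified (G) and signed by a listed key, so it can gate a CI step.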
