diff --git a/.husky/commit-msg b/.husky/commit-msg
index c160a771..0398b7a8 100644
--- a/.husky/commit-msg
+++ b/.husky/commit-msg
@@ -1,4 +1 @@
-#!/usr/bin/env sh
-. "$(dirname -- "$0")/_/husky.sh"
-
 npx --no -- commitlint --edit ${1}
diff --git a/.husky/pre-commit b/.husky/pre-commit
new file mode 100644
index 00000000..c33e8a5d
--- /dev/null
+++ b/.husky/pre-commit
@@ -0,0 +1,8 @@
+if git config --get commit.gpgsign | grep -q "true"; then
+  # It’s still possible signing was disabled for this particular commit with `git commit --no-gpg-sign`.
+  # But we ignore that case because it’s difficult to detect.
+  exit 0;
+fi
+
+echo "Commit signing is required. See: https://docs.github.com/en/authentication/managing-commit-signature-verification/signing-commits"
+exit 1;
diff --git a/.yarn/install-state.gz b/.yarn/install-state.gz
index bdefa1a4..2ad2d92a 100644
Binary files a/.yarn/install-state.gz and b/.yarn/install-state.gz differ
diff --git a/package.json b/package.json
index 2a295fb7..88725ce3 100644
--- a/package.json
+++ b/package.json
@@ -39,6 +39,7 @@
     "github-actions:push": "act push -s GH_PAT=$GH_PAT -s GITHUB_TOKEN=$GH_PAT -s NPM_TOKEN=$NPM_TOKEN",
     "github-actions:push:release-tag": "act push -e .github/test-events/push-release-tag.json -s GH_PAT=$GH_PAT -s GITHUB_TOKEN=$GH_PAT",
     "npmpkgjsonlint:check": "npmPkgJsonLint .",
+    "prepare": "husky",
     "prettier:check": "prettier --check .",
     "prettier:fix": "prettier --write .",
     "publish-packages": "yarn run publish-packages:npm && yarn run publish-packages:github && yarn run publish-packages:custom && yarn changeset tag",