In this case, the synching feature won’t be able to sign any commits it altered via operations like rebase, merge, etc:
You can now use the web UI to synchronize an out of date branch of a fork with its upstream branch. If there are no merge conflicts between the branches, the fork’s branch is updated either by fast-forwarding or by merging from the upstream’s branch.
GPG signatures are naturally lost due to these operations, and only the original committer can sign them again, since the operation requires his/her private GPG/PGP key and password.
As far as I can remember, GitHub doesn’t handle encryption signatures on the user behalf, and only stores public keys in user accounts.