Support Commit Verification Using Rebase and Merge

It would be awesome if GitHub could keep the verified badge on commits merged with the “rebase and merge” option. I believe this could be achieved by resigning any commit that was already signed with a verified key. This process could use GitHub’s own key at merge time the same way this is implemented with the “squash and merge” option. This change would allow projects using the “rebase and merge” option to benefit from the extra security offered by vigilant mode.