You chose to use gpg2 to sign each commit. Git itself never does any authentication, and simply believes you when you tell it that you are Fred Astaire, or Ginger Rogers, or whoever you wish to claim to be.
Some people object to this. To help them out, Git offers the ability to run digital signature programs. You can choose to:
Sign every single commit: those who have access to digital signature verification software can then be assured that you are indeed Fred Rogers, or Ginger Astaire, or whomever.
Sign tags: those who have access to digital signature verification software can then tell that you, whoever the signature verifies you to be, have agreed that this particular tag represents a good version of the software.
Because commits form a Merkle tree, signing a tag is "as good as" signing all the commits leading up to the tag. [1]
If you do choose to digitally sign each commit, or some tags, you must provide the digital signature software that will do this. Git does not come with PGP or GPG. They are pretty widely available though. You may need to configure Git somewhat; see "gpg failed to sign the data fatal: failed to write commit object [Git 2.10.0]" for additional details.
[1] More precisely, it's as good as the cryptographic hashes in the Merkle tree can verify. Since Git's are a bit weak, this isn't as good as signing every commit. However, the weaknesses in SHA-1, at least as they are known today, are not that large, so that any attack on the commit chain would be obvious.
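
The Merkle-tree property described above, as an added example that is not part of the original answer: it computes Git-style SHA-1 object IDs for a three-commit history and shows that altering the oldest file version changes every later commit ID, and therefore the text a signed tag's signature covers. The identity, the file name app.py and the file contents are constructed, and no actual GPG signing is performed.

```python
import hashlib

# Constructed identity and timestamp; any fixed value works for the demonstration.
IDENT = "Fred Astaire <fred@example.com> 1700000000 +0000"

def git_object_id(obj_type: str, body: bytes) -> str:
    """Git's object ID: SHA-1 over the header '<type> <size>\\0' plus the body."""
    return hashlib.sha1(f"{obj_type} {len(body)}".encode() + b"\x00" + body).hexdigest()

def tree_id(filename: str, blob_hex: str) -> str:
    """A tree with one regular file: mode, name, NUL, then the raw 20-byte blob ID."""
    entry = b"100644 " + filename.encode() + b"\x00" + bytes.fromhex(blob_hex)
    return git_object_id("tree", entry)

def commit_id(tree: str, parents: list, message: str) -> str:
    """A commit names its tree and parents by ID, so its own ID depends on them."""
    lines = [f"tree {tree}"] + [f"parent {p}" for p in parents]
    lines += [f"author {IDENT}", f"committer {IDENT}", "", message]
    return git_object_id("commit", ("\n".join(lines) + "\n").encode())

def build_history(versions: list) -> list:
    """One commit per version of a single file (hypothetical app.py); returns commit IDs."""
    ids = []
    for n, content in enumerate(versions):
        tree = tree_id("app.py", git_object_id("blob", content))
        ids.append(commit_id(tree, ids[-1:], f"commit {n}"))  # ids[-1:] is [] for the root
    return ids

def tag_payload(target: str, name: str = "v1.0") -> bytes:
    """The text of an annotated tag; a signed tag's signature is computed over this."""
    return (f"object {target}\ntype commit\ntag {name}\n"
            f"tagger {IDENT}\n\nrelease {name}\n").encode()

if __name__ == "__main__":
    honest = build_history([b"print('v1')\n", b"print('v2')\n", b"print('v3')\n"])
    # Same history, but the oldest file version was altered after the fact.
    altered = build_history([b"print('changed')\n", b"print('v2')\n", b"print('v3')\n"])
    for a, b in zip(honest, altered):
        print(a[:12], b[:12], "same" if a == b else "DIFFERENT")
    same = tag_payload(honest[-1]) == tag_payload(altered[-1])
    print("signed tag text unchanged:", same)
```
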