Unverified signature using GitHub mirrored repository

I am using GitLab to mirror a GitHub repository for CI/CD. After merging a pull request using the GitHub UI, GitLab shows the commit as being unverified.


GitHub uses their own public GPG key to verify commits done using their UI. Is there any solution to this problem? I’m certain that this is a common situation that users of GitLab’s mirroring feature are running into.

More info on GitHub’s public GPG key: https://stackoverflow.com/questions/60482588/what-is-githubs-public-gpg-key

I’ve stumbled upon a closed issue of the same problem, which does not have a solution: