I'm evaluating GitHub as a way to keep under version control and share some excel files containing basically financial models.
The issue I'm facing is this one: I need to share the Release artifacts (a bunch of xlsx files) with people outside GitHub, so I'd like to include the version number in the filename to be sure that, even when the files will be further shared by business people through email or other non-GitHub means, that information won't be lost.
Is there a way to rename the artifacts automatically? GitHub Actions seemed to be the right way to address this thing, but unfortunately they're still unavailable on the Enterprise Server my company is using (v 2.19.13, I don't have any administrative access to it, btw), and adding some CI toolchain just to rename some files is probably too much.
Thank you in advance for any response!
Michele
Related
Does GitHub have public access restrictions?
Example file:
https://raw.githubusercontent.com/vuejs/vue/dev/package.json
What will happen if a million users download this file?
This is from a GitHub employee in regard to "raw" file access:
I spoke with our engineering team and learnt that there's a limit of
5000 requests per hour per IP address. Additionally, due to internal
routing and caching, that 5000 figure isn't going to be exact. We may
accept more but it's sometimes possible that we'll accept less too.
As was pointed out to me, if you're at risk of hitting this limit,
then you're probably doing something wrong and there's a better way to
obtain or even store the file.
After 1+ year of waiting, they still haven't confirmed if this is accurate or updated Docs, so I'm guessing routing requests via the GitHub API and using tokens might be more reliable.
Ref: https://github.com/littlebizzy/slickstack/issues/180
Ref: https://github.com/github/docs/issues/8031
I don't think there is any limitations. i have deployed many simple static website on github which gets accessed by a lot lot of users. At times, i have seen it being slow a lil bit(during heavy traffic). But limitations, there is not any limitations.
GitHib definitions for "public" code access are very vague online so hope this helps anyone who was as confused as I was!
GitHub confuses "public" with "open source".
The first is a permission-based access designation and "git" workflow strategy on GitHub, the latter a licensing issue and a broader code access paradigm. But they mix the two together to create a new workflow on their website for how code gets shared using source control git. That confused me.
In general, GitHub "public" repositories means close to the same thing as "open source" in terms of access and use. In general it means any public GitHub repo can be viewed, downloaded, forked, etc. But anything beyond that starting with "write" access on the owners original code base requires the "owner" of the repo to add that person as a "collaborator". I interpret that to mean unlimited and unrestricted access to copy, download, and view your code by any known person, machines, process., etc.!
However, the sample open source licenses (like GNU 3.0, etc.) they recommend you create or use for your projects might legally limit some use of your code. By they are not going to help you enforce or limit that. Once your code is online there is no script or lawyer or enforcing entity that can stop any of that. That is why its called "open source". I have used the GNU "free beer" license for distribution of my personal code before and like it though Ive never seen a need to enforce it as far as limiting much. The main thing it would help with is making sure you remain copyright owner on the code in the USA and in a few other countries....AND....stop big corporate entities from taking your code and claiming copyright, limiting free use, etc.
HOW GITHUB DEFINES "public"
Note: The following applies to GiHub individuals, not organizations or enterprise accounts which have much more granular control over GitHub code projects and repositories.
When you go public on GitHub, meaning you turn your repo to "public" access, you are allowing some form of "open source" or "free" use of the code. In the "git" world this could be many different things as far as both access and use. But in the GitHub world it implies full rights for people or machines to have "read" access by default when your repo is "public". What does that really mean as far as access and use? Well it means:
Anyone or any machine can view the code (they call it "visible") or code files online for free, including manually copy the code in a web browser. That means unlimited views and use of your code.
Anyone or any machine can "download" the code via their code download link. In the GitHub world that means a zip or other compacted wrapper of all the code files into a format you can download in one file. That means unlimited downloads of your code.
Anyone or any machine can "fork" (not "clone") the code. In the GitHub world that means GitHub copies the code and sticks that copy into your GitHub online web account, if you have one. This copy is a "fork" to them, though traditionally that's not what "forked software" means. With this copy a user can then download a "clone" of the forked code to their local machine and start modifying it and push changes to the GitHub forked copy. They cannot do anything with those changes as far as changing your original code base without you setting them up as a "collaborator". But it does includes sharing that with the world as well, which increases views and downloads of your code base to even more people you cannot track! So "public" means all the public clones, mirrors, or forks can be downloaded and shared as well.
BTW...."forking" the code in the GitHub world means copying the code with all the commit and git source history to their GitHub account so later - with more permissions granted by you - they can submit your code back to the original repository code base with a pull request for changes.
This confused me at first, as I thought a "public" repository at GitHub meant anyone can "clone" the original repo to their local box only, which would allow anyone to use a local copy of the GitHub remote repo and pull code updates. In that model they could never do push or pull request updates without additional permissions, which makes sense, but also could never share copies of your code online (unless they explicitly created a new repo at GitHub from your code base).
But that is not what "public" means to them. They want people to directly fork or copy projects into the public site and modify code on their platform using forks. That is the workflow GitHub encourages on "public" projects on their site. This allows any user or machine to make a full copy of everything and do whatever they like to that copy, including sharing and distributing it to others. This is why "public access" does open up your code to lots of crazy things including copies of your code spreading quickly across GitHub with no way to know how many people have truly used it in projects or even care to contribute back to your original.
Personally, at all the companies I have worked at that use Git, I have never seen that type of model for distribution of repositories. We always cloned a master in a development environment and built branches remotely and locally from there. It feels like this was not thought through as it opens up distribution of your code into millions of versions of forks most people never asked for, cannot sync, and will forget about over time.
Is there any way to disable viewers to download my files from github?
I want to show my work, but I am afraid anybody can steal my code.
You can't, Github actually means you want to share something with the community, or you are showcasing your work in the open source community. Unfortunately you cannot restrict the users from downloading your content from your Repository.
Alternatively what you can do Just make your Repository private. But then in this case you are not able to make you work available to view for audience.
More you can read here :-
https://help.github.com/en/github/building-a-strong-community/limiting-interactions-in-your-repository
Disabling zip/tarballs on GitHub at the moment seems to be impossible, but it would be useful for those using git submodules, which are not included in the automatic created archives, where the repository owner could replace them with a continuous integration job with something like git-archive-all.
I have a very simple question regarding the general organisation of folders in GitHub.
Because I often forget to commit specific GitHub project, I started to group different projects and folders in large generic folders.
For instance, I would have a general folder called all_projects, and put inside project 1, project 2, and so on. Then I would simply git add . everything at once.
As my general folders getting bigger and bigger, I was wondering if there are major drawbacks to this kind of organisation and how you would do it differently.
I think it's a bad practice to put everything you do in same folder. Not locally, but on Github.
Locally, you can create folder Programming or my_work or all_projects and in there, create projects separately. They also should have a proper name, not just be named. For example, if the project is doing web scraping instagram, name it Instagram web scraper or InstagramScraper or something that when read, almost instantly remember what you did just by reading project(folder) name.
Also, check if the project is large or small.
If this project is something you've built for long, with big project structure and lots of files connected somehow to each other, than you can push it to github with proper name of repo and README.md . It is self contained and it shouldn't be part of some else project that has nothing to do with it.
If small, like one script, or just something you've practiced while learning something, consider using https://gist.github.com . It's connected to your github account and it can hold small scripts.
P.S.
This is my personal opinion.
The problem i am trying to solve is where developers change files without going through the proper channels. The developer should be able to make the change himself but only after his work was approved, since the code is used in a lot of projects
I found this link that also describes my problem:
http://www.p4ideax.com/ideas/694/temporary-permissions
One way to do it is to have only the architects have access to the files and then granting the developer temporary access. Maybe the permission can be linked to a specific job in perforce. The only way i can see how to do that is by adding the files that the person should be able to change to a new field in the jobs template ( done by architect ). Then have a server app dynamically call p4 protect and manage the permissions table. Then when the job is closed the permission is revoked. The server app could be the bugtracker software.
Is there an easier way or even 3rd party software out there that can solve the problem?
I know that another way to solve it is to put these sensitive files in a branch and then only allow the architects permission to merge into this branch. This solution feels a bit heavy handed.
Any suggestions would be helpfull
This is something that could certainly be done with a pre-submit hook. There are examples at Perforce Depot.
My thinking would be to reject submits for files in that section of the depot that didn't have a job that was on the "approved list". You could create the approved list in a number of ways, although a simple one (if you're using Perforce globally) would be to put the job list into a file under repository control and then have that list be available only to the architects.
The pre-submit trigger would then basically need to:
- If the files being submitted aren't in the protected tree, let the submit happen
- Grab an r/o copy of the file from the depot
- Grab the job list from the submit
- grep the job against the list
- If the job is in the list, let the submit happen
- Reject the submit with an appropriate error message
I am currently working on a project to convert a number of Excel VBA powered workbooks to VSTO solutions. All of the workbooks will share a number of class libraries and third party assemblies, in fact most of the work is done in the class libraries. I currently have my folder structure laid out like this.
Base
Libraries
Assemblies
Workbooks
Workbook1
Workbook2
Each of the workbooks will be its own solution, and the workbook solutions just reference the assemblies in the folder structure. My question is how would you lay out the source control? Would you start the repository at the base? Or would you create a repository for each workbook solution? Would you rearrange the folders?
Now that we have the initial development done, we're about to have a bunch of outside developers come on to the project to helps us convert the rest of the workbooks and I really like the idea of them being able to check out from the base directory and having all of the dependencies ready to go. I also worry that there are other concerns that come with having 20+ solutions/projects under one source control repository.
I want everything to be as simple as possible for people joining the project but I don't want to sacrifice long term usability. In my mind I've been going back and forth, what's simpler one repository or one repository per solution?
I'd appreciate and insight you have, because I'm fresh out.
Additional Information: Currently, I am using Mercurial personally, but the project will probably get moved to StarTeam unless I can make some convincing arguments for something else.
You don't mention in your question what source control you are using. As it doesn't sound like you need to limit your outside developers access to the rest of the repository I would not bother with setting up multiple repositories. I would assume that unless your code runs into the millions of lines size that repository size is not an issue.
It all depends what functionality your revision control system supports. In subversion you can declare other folders as external and provide a file URL for the content of that folder, this will cause subversion to deal with that folder as a separate repository even though it is within your folder structure.