I recently created a private git repository for a project with my friends but I don't want all of them to be collaborators. Can I give some of them the ability to only create pull requests and not merge them?
You could have used protected branches, but they are only available with private repositories for GitHub pro, not GitHub free.
One workaround is simply to create a second private repository for your friends: thy can push to it, and make pull requests to your private repository from there.
Related
I have a github app that invoke Jenkins pipeline (in Enterprise github) which uses /api/v3/app/installations/${payload_installation_id}/access_tokens to create an access token.
I am able to clone repositories using that access token as long as they are public.
I ran into a problem where one of the repositories I'm using has submodules and one of the submodules are private.
What do I need to do to give this github app access to that private repository?
I did confirm that changing that repo to be public is solving the problem but there is a reason that repo need to be private.
My organization has a private repo and we've brought on a few contractors and given them access to the code base.
These contractors have been forking the code base, and I wanted to evaluate the potential security implications of that.
Could any of these forkers make the code public if they choose to?
If their access is removed from the original project, will their access to the forked repo also be removed?
Could any of these forkers make the code public if they choose to?
Yes, they can push it to a new public Git repo (on GitHub or any other Git hosting service)
If their access is removed from the original project, will their access to the forked repo also be removed?
See "Removing a collaborator from a personal repository"
While forks of private repositories are deleted when a collaborator is removed, the person will still retain any local clones of your repository.
For a better security, contractors usually operate on PCs inside the organization through VPN. Those PCs can then limit or prevent internet access.
I am curious if I can add a collaborator for just watching my project without giving him the rights to make it public, yet.
So, the current situation would be:
- I created a private GitHub repo that I don't want to have public yet
- I have a colleague who does not have a paid GitHub account
- I want to add this colleague as "watcher" only without exposing the project to the public yet
Would that work?
Assuming you trust your collaborator to not clone the repo and post it publically, yes you can add them as a collaborator to see the private repo.
From Github's docs: "All collaborators must have GitHub accounts. It's easy to sign up, and even accounts on the free plan can collaborate on private repositories"
I have free GitHub account and forked a private repo.
Now I'd like to add collaborators to my fork.
But there's no "Collaborators" tab under Settings page.
Is this functionality not available for free plans?
This is probably due to the fact that you forked a private repo. So, only the owner of the original repo that you forked may share the project with other users - you cannot. For the same reason, you (probably?) can't make a fork of a private repo public - only the owner of the original private repo can make it public.
I have been added to an organization that has some private repositories and I need to send them a pull request with some changes but I don't know if I can.
I haven't a paid account on GitHub, so how can I fork that private repo to modify and send pull requests?
As mentioned in "If I fork someone else's private Github repo into my account, is it going to appear in my account as a public repo?", you can fork a private repo (for which you were added as a private user). The resulting repo will still be private, and you will be able to make pull-requests.
You can make a pull request from a branch in the private repository without the need to fork it.
The workflow we are starting to use is:
1. clone the private repository
2. make a branch
3. work on the branch
4. push the branch to the private repository
5. goto GitHub and create a pull request from the branch on the private repository
6. someone else reviews the the pull request and decides to merge it with master on GitHub
7. delete the branch unless there was a problem and it was not merged then go back to #3
I was having a problem when trying to clone a repository that i was added to contribute, it was a private repository so i did these steps.
clone the private repository using ssh (important it was not working when cloning through HTTPS).
Create a new branch.
Do the changes to the code
Add, commit the changes and push the code to the branch you created.
Go-to GitHub and go to the private repository you will se a option on top to create a pull request, just click on that and follow the steps to add description to your pull request.
someone else reviews the the pull request and decides to merge it with master on GitHub
Then if the branch was merged you can delete the branch if not make the necessary changes and push the changes again and create a pull request.