Can I give read-only access to a private repo (from a developer account)?

I think it is a good idea to add a read-only permission that allows a developer to share a URL of his code to an employer for example during a technical test.

78 Likes

+1 on this feature request! Please!

6 Likes

As some have mentioned. I have clients that would like to review my code, but still limit their access to specific files/folders. And the same for private code that could be shared with potential clients to give them an idea about the quality of work that can be provided, and so on.

If perhaps there were permissions for specific files/folders with a timeout option. That way, there wouldn’t be a need to revoke permissions at a later date.

1 Like

The “Solution” is not a solution though :(  It’s just an explanation of the current system which does NOT have the requested feature. Glad I’m not alone in needing (not wanting) this feature!

2 Likes

4 months later and I see nothing about this feature on the Changelog. So having read-only access to a private repo is not in our future? What service are developers using to show their private work to prospective clients?

@firstprinciples-ai wrote:

Hi everyone, apologies if this is repeating a topic discussed already. 

 

Can I give read-only access to my private repo, to someone who is not a collaborator at present? Can I share a url, or add someone as a read-only collaborator? I don’t want to give fork/clone/download rights. 

 

I have a Developer account at present (not a Team/Business account, so cannot structure an organization-based acess). Here are the types of Github accounts. Thanks.

I think it is a good idea to add a read-only permission that allows a developer to share a URL of his code to an employer for example during a technical test.

1 Like

Hi,

For Organizations, what about a specific permission level so our customers (external collaborators) can only create issues (and why not read-only access to projects/wiki too?) inside private repos?

Currently they also have access to code + pull requests and they use paid seats which is problematic for us.

EDIT : (I’m talking about the “Team” plan)

Thanks,

3 Likes

Hello Github,

Please implement this feature (including Github Enterprise)!  Thank you.

+n

Existing features (including lack of forced PR’s) for private repos don’t make this any better than hosting a repo on any number of other services.

 Another +1 to read-only.

It’s crazy that to share some code with folk I have to hand them the keys to the kingdom, ie ability to mess up master. We should be able to share code (that they can clone etc) but push etc privileges should be a tickbox and by default disabled.

26 Likes

+1 Please add this feature for a developer account. Btw if I add Collaborators to my private repo, then can they push to any branch or create any branch on github?

1 Like

+1 Here too. I’m kinda astonished this hasn’t been implemented yet. You should be able to create a unique, read-only, guid-like link to your private repo similar to what you can do with files in OneDrive. This is a no-brainer.

1 Like

+10000 my organization NEEDS this, we have different teams, support teams, testing teams, and some are outsorced… we don’t want them to have access to ALL of the code, only to give us feedback about testing results and Issues about the applications, etc…

Any update on this?

+1. Youtube allows publishing a video that is only accessible via link. Not private per se, just “unlisted”. I need to share repos with online classmates for peer review, but I don’t want my beginner code in a new language to be publicly available.

1 Like

+1 for this as a feature request.

I assumed this was possible, but couldn’t figure out how to do it, and ended up here after googling and now learning that it’s not possible.

Not being able to differentiate read-only vs. read/write access when selectively sharing something private seems to me to be somewhat of a departure from the common practice of other web services.

Hi there,

any updates on this?

I have the same requirement as others that reply to this topic.

I want to add users to my private repo, but I want them to contribute only using PR, not by committing directly.

I’m sure that not only I have such a requirement.

This feature request is from ‎12-11-2017, so it is taking forever :disappointed_relieved:

Hi @misiu,

You should be able to use branch protection and codeowner rules to accomplish the goal of preventing users from committing without a pull request. Does this accomplish what you’re looking for?

Thanks!

1 Like

Sorry, but this issue is not solved.

This is a tremendous security issue! Especially since Github is promoting the idea of machine users for servers which need to access multiple private repositories, it makes sense to allow for collaborators to be read-only. As the documentation says as a PRO: “Anyone with access to the repository and server has the ability to deploy the project.” -> meaning anyone with access to the machine user account or the server can deploy and break all other servers (yes, we live in a world with cloud computers where we may have multiple instances running at the same time, accessing the same repos).

Clone, fork, fine but not push. That should be read-only by default for any collaborator!

8 Likes

+1 to read only access rights for a private repo