Can I give read-only access to a private repo (from a developer account)?

4 months later and I see nothing about this feature on the Changelog. So having read-only access to a private repo is not in our future? What service are developers using to show their private work to prospective clients?

@firstprinciples-ai wrote:

Hi everyone, apologies if this is repeating a topic discussed already. 

 

Can I give read-only access to my private repo, to someone who is not a collaborator at present? Can I share a url, or add someone as a read-only collaborator? I don’t want to give fork/clone/download rights. 

 

I have a Developer account at present (not a Team/Business account, so cannot structure an organization-based acess). Here are the types of Github accounts. Thanks.

I think it is a good idea to add a read-only permission that allows a developer to share a URL of his code to an employer for example during a technical test.

1 Like

Hi,

For Organizations, what about a specific permission level so our customers (external collaborators) can only create issues (and why not read-only access to projects/wiki too?) inside private repos?

Currently they also have access to code + pull requests and they use paid seats which is problematic for us.

EDIT : (I’m talking about the “Team” plan)

Thanks,

3 Likes

Hello Github,

Please implement this feature (including Github Enterprise)!  Thank you.

+n

Existing features (including lack of forced PR’s) for private repos don’t make this any better than hosting a repo on any number of other services.

 Another +1 to read-only.

It’s crazy that to share some code with folk I have to hand them the keys to the kingdom, ie ability to mess up master. We should be able to share code (that they can clone etc) but push etc privileges should be a tickbox and by default disabled.

26 Likes

+1 Please add this feature for a developer account. Btw if I add Collaborators to my private repo, then can they push to any branch or create any branch on github?

1 Like

+1 Here too. I’m kinda astonished this hasn’t been implemented yet. You should be able to create a unique, read-only, guid-like link to your private repo similar to what you can do with files in OneDrive. This is a no-brainer.

1 Like

+10000 my organization NEEDS this, we have different teams, support teams, testing teams, and some are outsorced… we don’t want them to have access to ALL of the code, only to give us feedback about testing results and Issues about the applications, etc…

Any update on this?

+1. Youtube allows publishing a video that is only accessible via link. Not private per se, just “unlisted”. I need to share repos with online classmates for peer review, but I don’t want my beginner code in a new language to be publicly available.

1 Like

+1 for this as a feature request.

I assumed this was possible, but couldn’t figure out how to do it, and ended up here after googling and now learning that it’s not possible.

Not being able to differentiate read-only vs. read/write access when selectively sharing something private seems to me to be somewhat of a departure from the common practice of other web services.

Hi there,

any updates on this?

I have the same requirement as others that reply to this topic.

I want to add users to my private repo, but I want them to contribute only using PR, not by committing directly.

I’m sure that not only I have such a requirement.

This feature request is from ‎12-11-2017, so it is taking forever :disappointed_relieved:

Hi @misiu,

You should be able to use branch protection and codeowner rules to accomplish the goal of preventing users from committing without a pull request. Does this accomplish what you’re looking for?

Thanks!

1 Like

Sorry, but this issue is not solved.

This is a tremendous security issue! Especially since Github is promoting the idea of machine users for servers which need to access multiple private repositories, it makes sense to allow for collaborators to be read-only. As the documentation says as a PRO: “Anyone with access to the repository and server has the ability to deploy the project.” -> meaning anyone with access to the machine user account or the server can deploy and break all other servers (yes, we live in a world with cloud computers where we may have multiple instances running at the same time, accessing the same repos).

Clone, fork, fine but not push. That should be read-only by default for any collaborator!

8 Likes

+1 to read only access rights for a private repo

For those who cannot post professional code publically, temporary read-only access to private repos would be a perfect way to share code during the job search process. Allowing prospective employers a view of your work, without allowing them access to the code. I am really surprised this has not been implemented. Perhaps I am just missing another way to achieve this? 

7 Likes

+1. Useful feature for sharing in interviews and with potential collaborators.

Maybe the description of a private repo needs to be changed? I’m a workshop presenter with proprietary material I need to let people clone, but not commit. A private repo looked ideal when I read:

“Private
You choose who can see and commit to this repository.”

That gives the impression I can let someone see it, but not commit to it… which is what I need.

That is the reason I did this Google search because a company cannot view my repo since their company account did not have a Github account.

1 Like