Stop cloning to Home PC

New to Git. I represent a product company having proprietary source code. When I move my code repository to GitHub, I presume anyone having access to a repository can clone it anywhere. Conventionally, in my organisation, developers are allowed to download code to their office desktop. In GitHub, how do I prevent they download code to their home PC?

1 Like

Hi @Ajupeter.
The simple answer is with difficulty as you need some form of up restrictions and/or context/device aware policy enforcement.

GitHub IP allow list work for both browser and api access, but will require connection through an authenticated proxy/VPN with known dedicated up address to you company and knonw ranges for any servers also.

An Orgnanization can also be SAML enabled to an IdP. The IdP when redirected to for SSO login can then assert device/context aware security policy before issuing a token. Note SAML only affects browser access.

1 Like

if a developer has access to a repository on github.com, they can clone it anywhere.l they have access to github.com.

if you control the server the code is on, you can use a firewall on the server or another appropriate place to restrict which IP addresses can access the server.

git generally follows a very open code sharing paradigm where each developer typically gets the entire codebase copied to their PC when they clone a git repo, including all revision history. git is a decentralized type of thing. using github.com gives the appearance of centralization, but git still works how git works.

other source control systems can offer more restrictions, I imagine.