I am trying to install an R package from a GitHub account I currently own and operate. I want to be able to share this R package with other users (i.e. allow them to download) but I want to constrain it to people I approve of.
I could do this by creating a Personal Access Token (PAT) and sharing (remotes::install_github(..., auth_token = "PAT")), but then they would get access to all of my repos on my account which is not an option.
Other options I have seen suggested include;
Creating a new GitHub account just for this R package and creating the PAT on this account to enable sharing of just the one repo
Making public instead of private
Neither of these feels optimal, is there another way?
You could add others as collaborators on your private repo, then they could use their own PAT to access the repo. It's not great idea to share PAT so this way each party is responsible for their own. That will also allow you to easily remove individuals without affecting access for everyone.
I know this is an old question, but I wanted to answer for anyone that finds this thread like I did. The other alternative is to set up a private SSH key (like you would use for git push) and then use remotes::install_git("git#github.com:Organiztation/repository.git",branch = ...). install_git uses the git credentials and supports SSH. install_github uses the GitHub API and does not support SSH.
Related
I went to try out the Alire package manager for Ada the other night, and found this in the documentation:
Issue alr init --bin myproj (you can use --lib for a library project)
The first time you run this command, alr will ask a couple of questions to automatically fill-in information about the crate:
GitHub login: is used to identify the maintainer of the crate when contributed to the community index.
Full name: Name of the author of the crate
Email address: Point of contact to author of the crate
All the questions are optional for now, you can just press enter to use the default values.
This "All the questions are optional for now" is somewhat concerning in that it implies they will be mandatory in the future.
This seems like a very strange design choice. I do not have or want a GitHub account, and while I understand that Alire needs to pull from GitHub to retrieve crates I would think that an account should not be required to clone public repositories. I do not want to become overly reliant in the Alire ecosystem if I will effectively become locked out of it in future.
I have not found any discussion or timeline around when Alire will start requiring a GitHub account - is this truly the case, and if so when will it become mandatory?
These instructions appear among the First steps in Creating a new crate, likely required to initialize the corresponding local git repository, as shown here. Particular values would seem relevant only when Publishing your projects in Alire and establishing Crate ownership. I would infer that now in this context means while getting started. In any case, you can examine and change these settings as shown here. Going forward, additional restrictions on using a work would violate the project's existing license terms.â€
†Disclaimer: Neither affiliated with nor a current user of the Alire project.
It is not at all required to have a GitHub account to use Alire.
On the other hand, a GitHub account is required to publish a crate in the community index. That's because the current procedure requires one to open a pull request on the alire-index repository. And this is why Alire is asking you to provide a GitHub login.
But as you saw in the documentation this is optional.
"for now" doesn't imply that it will be mandatory in the future for sure. I think the intent was to express that it might be a possibility.
I am trying to install an R package from a private git repository hosted on my employer's internal Bitbucket server.
I have had success using remotes::install_git() for other projects on public servers in the past however for this specific project I need to connect to the repository via an HTTPS url and use a personal access token (PAT) to authenticate. The remotes::install_git() documentation includes an entry for adding credentials, but the documentation for this option is sparse. There is a lot of documentation for remotes::install_github(), but as this is not a github hosted repository, many of the suggestions there do not seem to work.
My go to :
gitcred <- git2r::cred_user_pass(username="$(USERNAME)",password="$(PAT)")
#here you can put any private repo such as devops azure or bitbucket, etc..
remotes::install_git("https://dev.azure.com/XXX", credentials = gitcred)'
I have recently installed the rfigshare package. In order to use it, I need to get figshare API keys to to use it properly. The documentation I found so far is obsolete (see here). Does anyone knows the procedure to follow?
From the package README:
The first time you use an rfigshare function, it will ask you to authenticate online. Just log in and click okay to authenticate rfigshare. R will allow you to cache your login credentials so that you won't be asked to authenticate again (even between R sessions), as long as you are using the same working directory in future.
So, just load the package using library("rfigshare") and call any function. You will be automatically prompted to login and store an OAuth credential locally, which will then be automatically used in subsequent function calls.
I have an R Shiny app that contains some sensitive information that I would not like to be made public, and do not want to pay for any services in order to get password authentication.
My question is if I create a private repository on GitHub with the server.R, ui.R and all supporting data and files, will anyone be able to run it with the runGitHub command (below) or in any way access my data?
library(shiny)
runGitHub("<private repository name>", "<my user name>")
if I create a private repository on GitHub with the server.R, ui.R and all supporting data and files, will anyone be able to run it with the runGitHub command ... or in any way access my data?
If the repository is private only people who have been granted access should be able to access it. This is true through the GitHub website as well as via direct Git access, which is almost certainly what runGitHub() does.
do not want to pay for any services in order to get password authentication
In general, private repositories on GitHub aren't free. Currently the cheapest plan that includes private repos is the Micro plan at $7 per month.
There are other Git hosting providers that do provide free private repositories. BitBucket and GitLab both come to mind.
It may be possible for you to get free private hosting on GitHub, e.g. if you are a student.
I have an R Shiny app that contains some sensitive information that I would not like to be made public
Finally, depending on the nature of the "sensitive information" you are trying to protect, there may be better options. It is fairly common to provide things like API keys and passwords as environment variables (especially when using PaaS providers like Heroku), or to commit "template" files like config.template.ini.
I have imported few private repos from Github to my Phabricator install. The clone url on Phabricator still shows the Github clone URL.
Is there a way to offer read-only copy from Phabricator via diffusion clone url?
This is not currently supported. Feel free to file a feature request:
https://secure.phabricator.com/maniphest/task/create/
Particularly, we'd be curious what your use case is. There's no technical reason we can't support this, but haven't seen anyone wanting to use Phabricator as a read-only mirror of some other repository yet.