Can I give read-only access to a private repo (from a developer account)?

[FirstPrinciples-AI]

Hi everyone, apologies if this is repeating a topic discussed already. 

Can I give read-only access to my private repo, to someone who is not a collaborator at present? Can I share a url, or add someone as a read-only collaborator? I don’t want to give fork/clone/download rights. 

I have a Developer account at present (not a Team/Business account, so cannot structure an organization-based acess). Here are the types of Github accounts. Thanks.

[birdcar]

In a private repository, repository owners can only grant write access to collaborators. Collaborators can’t have read-only access to repositories owned by a user account. More information about permission levels for a repository owned by a user account can be found here:

https://help.github.com/articles/permission-levels-for-a-user-account-repository/

Having said that, I know that we’ve heard users request these kinds of granular permissions before, and I’ll add your +1 to that existing feature request.

@FirstPrinciples-AI wrote:

I don’t want to give fork/clone/download rights. 

It’s worth noting here that cloning a repository is a central operation in the collaboration model that GitHub provides. For example, the read-only access that we currently offer to GitHub Organizations still allows users to both clone and fork the repositories that they have permission to read:

https://help.github.com/articles/repository-permission-levels-for-an-organization/

With all of that in mind, I believe that it’s unlikely that we’ll change our permission model to disable the ability to clone a repository that someone has read access to; even if we do allow for read only access to private repositories owned by user accounts in the future. 

[othman922]

#52652

[kjsieffert]

Same. We would like to share our repo with our mobile team that is developing our mobile app. We'd frequently share our core code with them for consistency in our apps. Would really like to give them read-only access to our main repo rather than having to send them code.

[Colandus]

Hi! In my case it's not about limiting cloning. I want to give access to the code but I don't want them to be able to push any commits or destroy the repo!

[dennysis]

You can also enforce the need for owner review. I did not tried protected branches with private reops before but I think it would be the same as the public repos.

[sportdanceby]

I would like to share my repo with an external CI server. For me it's ok if this server will clone it, but I don't want to give a WRITE access to my original repo.

[sfindeisen]

Dear GH Team

Any plans to implement private repo access restriction for collaborators to read-only + pull-request? I want collaborators on my private (user) repo(s) put don’t want to allow them direct push… Where is this feature on your roadmap?

Thanks
Stanisław

[flobbit1]

Gitlab has this feature.

[jmoraispk]

When companies don't listen to users... Gitlab, here we go!

[nadiajoyce]

Hi @sfindeisen,

Thanks for this feedback! We’re always working to improve GitHub, and we consider every suggestion we receive. I’ve logged your feature request in our internal feature request list. Though I can’t guarantee anything or share a timeline for this, I can tell you that it’s been shared with the appropriate teams for consideration.

Cheers!

[WaleedMortaja]

Using protected branch ( especially for master) will give you some options, such as requesting members with write permission review to the changes before merging. You can also enforce the need for owner review. I did not tried protected branches with private reops before but I think it would be the same as the public repos.

[Septdir]

@waleedmortajaThis is not exactly what you need.

• 1 it would be nice to have possibly give a look at the private private repository.

[sam-by-name]

+1 from me.
I would like to be able to invite someone to “ONLY look” at a private repo.

[JurcomGRC]

@Dark-haz I'm also really shocked as at now 2023 that it's still not implemented as I really need it now. I saw that some of these request were made way back in 2018:(

[dapfycom]

same here 2023 and no implemented yet

[rtatarinov]

yep, it's really annoying... Please implement it

[WTFAYXN]

I was looking for the same but it seems like the feature is still not added

[Carlsans]

same here

[ghost]

+1

Would be extremely helpful in corporate environment.

[birdcar]

In orgs you can already do this, just grant org members, teams, or outside collaborators the read permission. This limitation only applies to private repositories owned by users.

[Kamuela-Ahuna]

+1 

I’m trying to use Github as a place to keep my work and show potential employers. Would love to still have the ability to make it private and just give people access to view.

[bobf]

+1 - I have a couple of private repositories I want to share with friends but I don’t want them to be able to write to them.

[DCGenomics]

+1 Extending this string, because of the work I do with public repos, it would be nice to be able to directly invite people to watch some public repos directly through github (as opposed to email or twitter), without giving them write access.  Maybe this is already possible?

[jdal]

+1 on read only access
The ability to view and not modify a private repository would be very valuable to our organization. 

[neodon]

I just went to add a collaborator to a private project with read-only access and was surprised that I couldn’t do it. 

[noxuz]

+1 I want to show the code I have done from edX courses to potential employers, but I can’t make them public due to edX’s honor code, It would be usefull to have a way of granting by an URL, view only permission to a private repository, just like in google drive for example.

[epodox]

• 1 

Having more granular control on private repos for individual users is a must. Sure if they can read it they should be able to clone/fork but i want to disable specific users ability to push with out a propper pull request. Same with branching. Really should be able to have same functionallity as public for private, just we control the viewers.

Thank you,

Joshua Dooley

[Zupecki]

• 100

Working with a colleague overseas that I want to be able to give access to pull my code (for reference/educational purposes), but not to be able to push.

[jtashker]

+1

[Jsalas424]

Please give us read-only access

[trebor]

+1

[Jonathankli]

+1

[GilbertoAbrao]

+1

[SalamanderXing]

+1

[dennysis]

+1

[rschwass]

This is taking years +1

[DIPANJAN01]

You guys won't implement it, right? From 2018 to 2024. Hopeless

[DIPANJAN01]

To anyone still looking for this, I found this stack overflow answer to be helpful:
https://stackoverflow.com/a/77613544/7276452

^^You can leverage GitHub's fine-grained tokens for giving access of your private repos to specific people (just share the fine-grained token with them)

[ItaiAxelrad]

Please?

[PowerSergii]

this functionality would be helpful indeed!

[Abhisek-07]

+1

[iann838]

Hopeless

[ZachIsAGardner]

i need this functionality!

[Bahdonmollah]

(No Subject) Tuesday 12 Nov ⋅ 11:57pm – Wednesday 13 Nov 2024 ⋅ 12:57am Bangladesh Standard Time Guests ***@***.*** View all guest info https://calendar.google.com/calendar/event?action=VIEW&eid=NzRzMzZjcGg2NWgzYWI5b2M4cTM4YjlrNmdzM2FiYjFjZGozNmI5aTY5aGo0ZTFsYzRvbTRjaGo3NCByZXBseStiaTNycWducnJqczZpanUzcDJxNDNzd2ZkNmxmNWV2Ym14aGFhcWd3eGVAcmVwbHkuZ2l0aHViLmNvbQ&tok=NTIjZmFtaWx5MTUxNDMxOTQ0OTk4MDYwNjg1MDlAZ3JvdXAuY2FsZW5kYXIuZ29vZ2xlLmNvbWQ4MGZjNmRlZjBhNzM3NWQ5ZTE5OTI2MTgxODJiNmYwMjUwOGM2OTk&ctz=Asia%2FDhaka&hl=en&es=0 Reply for ***@***.*** and view more details https://calendar.google.com/calendar/event?action=VIEW&eid=NzRzMzZjcGg2NWgzYWI5b2M4cTM4YjlrNmdzM2FiYjFjZGozNmI5aTY5aGo0ZTFsYzRvbTRjaGo3NCByZXBseStiaTNycWducnJqczZpanUzcDJxNDNzd2ZkNmxmNWV2Ym14aGFhcWd3eGVAcmVwbHkuZ2l0aHViLmNvbQ&tok=NTIjZmFtaWx5MTUxNDMxOTQ0OTk4MDYwNjg1MDlAZ3JvdXAuY2FsZW5kYXIuZ29vZ2xlLmNvbWQ4MGZjNmRlZjBhNzM3NWQ5ZTE5OTI2MTgxODJiNmYwMjUwOGM2OTk&ctz=Asia%2FDhaka&hl=en&es=0 Your attendance is optional. ~~//~~ Invitation from Google Calendar: https://calendar.google.com/calendar/ You are receiving this email because you are an attendee on the event. To stop receiving future updates for this event, decline this event. Forwarding this invitation could allow any recipient to send a response to the organizer, be added to the guest list, invite others regardless of their own invitation status, or modify your RSVP. Learn more https://support.google.com/calendar/answer/37135#forwarding