You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
During the process of looking into some issues with BYS organization profile, I found out private repositories are not fetched for authenticated users.
The only way to fetch private repositories is with repos.list, which requires you're an authenticated user and you're analysing your own personal Github profile. This will list out personal repositories and ones you're associated with either as a collaborator or member of an organisation, which I think is an issue worth thinking about.
Take for instance, if Airbnb has a private repository within the organization repositories and a member of the organization wants to analyze the repository along with other public repos, the only way for the private repository to be fetched and analyzed will be if the user analyze his own profile with his username and not "airbnb", this will fetch personal private repositories and that of associated organizations, meaning, other repositories you don't want included or care about will be included. (Repositories search parameters can be tweak with but there is just no accurate way to achieve that https://developer.github.com/v3/repos/#list-your-repositories)
My suggested solution is, temporarily, I think private repositories should be analyzed as an anonymous file till we implement the ability for user to select / unselect repositories they want.
The text was updated successfully, but these errors were encountered:
Nothing stops with the personal account, that's in my Todo list for tomorrow. I just felt our focus has been more on organization than personal account. And I also needed to hear your opinion about it.
During the process of looking into some issues with BYS organization profile, I found out private repositories are not fetched for authenticated users.
Thanks @znarf , he figured the api difference https://github.com/octokit/rest.js/issues/968, currently, we use
repos.listForOrg
andrepos listForUser
to fetch repositories for an organization and personal profile respectively. Both works perfectly for public repositories.Fetching private repositories
The only way to fetch private repositories is with
repos.list
, which requires you're an authenticated user and you're analysing your own personal Github profile. This will list out personal repositories and ones you're associated with either as a collaborator or member of an organisation, which I think is an issue worth thinking about.Take for instance, if Airbnb has a private repository within the organization repositories and a member of the organization wants to analyze the repository along with other public repos, the only way for the private repository to be fetched and analyzed will be if the user analyze his own profile with his username and not "airbnb", this will fetch personal private repositories and that of associated organizations, meaning, other repositories you don't want included or care about will be included. (Repositories search parameters can be tweak with but there is just no accurate way to achieve that https://developer.github.com/v3/repos/#list-your-repositories)
My suggested solution is, temporarily, I think private repositories should be analyzed as an anonymous file till we implement the ability for user to select / unselect repositories they want.
The text was updated successfully, but these errors were encountered: