
github: make the LFS readable for repos that are public #176

Open
vit-zikmund opened this issue Dec 11, 2024 · 2 comments

Comments

@vit-zikmund
Collaborator

This has come out of a brainstorm in #166 (comment) and as the issue's original topic will be covered by PR #175, this is being separated out not to get lost in a closed issue.

For the record, checking if a repo is readable would be done with the Get a repository API call and checking the visibility field for public or internal.
public is simply readable to the world, internal only to members of GitHub Enterprise organization. I assume the latter wouldn't be visible at all for a user outside of the enterprise organization, so a 40x response is a good marker the repo is not readable.

This will now need to be thought through for both the personal access tokens and app installation tokens.

@vit-zikmund
Collaborator Author

FYI @SkyDev125, yet another opportunity waiting for your grasp! 😉

@vit-zikmund
Collaborator Author

Here are some more thoughts:

  • The auth plugin's job is to scramble all valid permissions for the identity behind the provided token. Therefore, the check for public repo access evaluation should be done as a last resort, after all existing permission-evaluating means fail.
  • As each API call to GitHub is expensive (and potentially limited), this should be cached (outside of any identity cache, just a map of public repos).
  • visible internal repos can't be considered generally public, but when successfully listed, the read/read_meta permission should be added to the identity's permission.
  • public repos don't need any token to get listed, so we should make sure not to require internal resolving to any identity. As the giftless code assumes there's always some identity, in case the token is invalid or missing, we should provide some bogus identity. However, such an identity can't serve as a catch-all fallback for misauthenticated calls. Therefore we need to cache the public repos independently of any identity.
  • TODO think about how this all applies to app installation tokens.
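
One way to sketch the last-resort check and the identity-independent cache described in the comments above, as an added example that is not giftless code: the `fetch` callable stands in for the GitHub "Get a repository" call (`GET /repos/{owner}/{repo}`) so the example runs offline, and the permission strings and cache TTL are assumptions.

```python
import time
from typing import Callable, Dict, Optional, Set, Tuple

# Hypothetical fetcher modelled on GET /repos/{owner}/{repo}; injected so the
# example runs offline. It returns (http_status, parsed_json_body_or_None).
Fetcher = Callable[[str, str, Optional[str]], Tuple[int, Optional[dict]]]

READ_PERMS: Set[str] = {"read", "read_meta"}   # names used in the issue
CACHE_TTL = 300.0                               # seconds; assumed value

# Map of repos known to be public, kept apart from any identity cache so a
# bogus identity for a missing/invalid token can never become a fallback.
_public_repos: Dict[Tuple[str, str], float] = {}


def public_repo_permissions(owner: str, repo: str, token: Optional[str],
                            fetch: Fetcher, now: Optional[float] = None) -> Set[str]:
    """Last-resort check: read permissions if the repo is public, or internal
    and visible to this token; otherwise an empty set (a 40x is 'not readable')."""
    now = time.monotonic() if now is None else now
    key = (owner, repo)
    if key in _public_repos and now - _public_repos[key] < CACHE_TTL:
        return set(READ_PERMS)                  # cache hit, no API call spent
    status, body = fetch(owner, repo, token)
    if status != 200 or not body:
        return set()                            # 401/403/404: not readable
    visibility = body.get("visibility")
    if visibility == "public":
        _public_repos[key] = now                # world-readable: safe to cache
        return set(READ_PERMS)
    if visibility == "internal":
        # Listed successfully, so this token may read it, but it is not
        # world-readable: grant for this call only and never cache as public.
        return set(READ_PERMS)
    return set()                                # private: nothing to add


def effective_permissions(identity_perms: Set[str], owner: str, repo: str,
                          token: Optional[str], fetch: Fetcher) -> Set[str]:
    """Ordering from the issue: existing permission sources decide first; the
    public-repo check runs only when they yield nothing for this repo."""
    if identity_perms:
        return set(identity_perms)
    return public_repo_permissions(owner, repo, token, fetch)
```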
