Great post. But I have a question I am doing this for a private repository but I want the whole team to use it, how can they not ask for a login and password?
Sorry for the giant delay, I was a bit off for few years, I'm just coming back.
This is a very common challenge with private repositories. The best way to allow your team to install the package without needing individual logins is to use a GitHub Personal Access Token (PAT).
Instead of using their personal username and password, you can create a PAT with read-only access (read:packages) to your repository. Your team members can then use this token directly in the pip install command, like this:
This method is secure because you can revoke the token at any time without affecting user accounts, and it's a dedicated token for this specific purpose.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Great post. But I have a question I am doing this for a private repository but I want the whole team to use it, how can they not ask for a login and password?
Sorry for the giant delay, I was a bit off for few years, I'm just coming back.
This is a very common challenge with private repositories. The best way to allow your team to install the package without needing individual logins is to use a GitHub Personal Access Token (PAT).
Instead of using their personal username and password, you can create a PAT with read-only access (read:packages) to your repository. Your team members can then use this token directly in the pip install command, like this:
pip install git+https://[your-pat-token]@github.com/your-username/your-repository.git
This method is secure because you can revoke the token at any time without affecting user accounts, and it's a dedicated token for this specific purpose.