Open koalalorenzo opened 6 years ago
@koalalorenzo hrm... this is an interesting idea. Anything added to gx in the main ipfs network will be made publicly available, but if youre using a private network, then you can isolate your packages that way. Otherwise we would have to look at encrypting packages, or something.
Could you elaborate on your usecase and maybe suggest a desired workflow?
Encryption sounds simple but also hard to achieve if we are working with multiple people. I know this could be probably resolved on an IPFS level too.
The workflow that I might suggest involves a normal standard behaviour (like, publish a new version of my package, downloading and/or updating the versions etc etc) but ensure that only the authorised people can decipher, build, use my content.
At the moment I am forced to use private repository and rely on git authentication methods, it is enough but the content on the server is not encrypted. It would be nice if it was possible to encrypt the packages before adding them to IPFS.
So the biggest choice is: Authorisation vs Encryption, where on one side the user is authorised to perform actions (like git) and on the other side the user is forced to decrypt to actually use/change the repo/project (like git-crypt).
What are the options?
Hello! How is it possible to use gx with private repositories? (closed source for example)