You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I want to use djangopypi2 as private repository to protect code property of my company.
But currently it seems to don't provide access control of package listing or downloading, anonymous user can view all package list and even can download it.
If it can be controlled with current version, please describe how to do it on manual.
The text was updated successfully, but these errors were encountered:
You're right, unfortunately no such functionality exists at the moment.
The assumption is that djangopypi2 is set up in a private network to begin with, where there is no concern for who downloads packages.
I'll leave this issue open as a feature request, but it won't be implemented soon.
If you are using Apache or a similar server to serve djangopypi2, I guess you could use HTTP authentication for a minimum degree of security, as a temporary workaround.
That being said, I am interested in this feature too.
I want to use djangopypi2 as private repository to protect code property of my company.
But currently it seems to don't provide access control of package listing or downloading, anonymous user can view all package list and even can download it.
If it can be controlled with current version, please describe how to do it on manual.
The text was updated successfully, but these errors were encountered: