Deepnote
Deepnote
Deepnote.com
Our story
Join the team
Changelog
What is Deepnote
Deepnote crash course
💡 features
Command palette
Real-time collaboration
Comments
Integrations
Variable explorer
Terminal
Versioning
Code intelligence
🤝 Collaboration
Teams
Sharing a project
Publishing a notebook
⚙️ Environment
Selecting hardware
Custom initialization
Custom environments
Long-running jobs
Environment variables
Pre-installed packages
Python requirements
🔧 Integrations
GitHub
MongoDB
PostgreSQL
AWS S3
Deepnote Shared Datasets
Google BigQuery
Snowflake
Google Cloud Storage
Spark
📥 Import & export
Importing data to Deepnote
Share or embed a cell
Export a notebook
Export a project
🏷️ resources
Keyboard shortcuts
Tracking experiments
Intellectual property
Launch repositories in Deepnote
Pricing
Changelog
Deepnote Community
Terms & Conditions
Security
Powered by GitBook

GitHub

Deepnote allows you to import both public and private repositories from Github. If you want to use a public repository and you do not want to push to it, just open your terminal and use git clone <url> and a https link to clone it to your project.

Linking a repository to your project

If you want to include a private repository or a public one that you want to push to, you can link it. If you do, you and all your collaborators on the project will be able to push and pull to the repository from the terminal without any additional authentication.

To link a repository to your project, open the integrations tab on the left.

After the repo is linked, you can commit, pull, and push by opening a terminal, switching to the repo directory with cd, and then running the git commands you need.

How is it done?

Under the hood, we generate a deploy key in the linked repository using the provided OAuth access token. This way, we're able to restrict the key only to the specific repository, so even if you share the project with other users, they won't get access to the other repositories. We do it this way because GitHub doesn't natively support limiting OAuth access token to a single repository.

This is the reason why you might have received a similar email notification:

Defense in depth

One more important reason why we've decided on this design is that we do not want access to all your repositories. We understand that you might have sensitive private repositories, or you are a maintainer of a mission-critical OSS project and you don't feel comfortable sharing access with us. Because of this, we keep the access token only for the duration of the linking request.

We plan to keep this flow client-side only once GitHub adds support for implicit OAuth grant type. Once this is done, we'll never even see the access token with access to your private repositories.

Revoking access

Only you remain in control of your data. When you revoke access to our OAuth app, all deploy keys generated by it will be automatically revoked. However, please keep in mind that all users you trusted with project access might still possess a local copy of your data.

⚙️ Environment - Previous
Python requirements
Next - 🔧 Integrations
MongoDB
Last updated 5 months ago