Hi,
I wanted to try the streamlit cloud, but I faced problems just at the beginning. The streamlit required github permissions and I didn’t undrestand why they are needed in that form.
Full control of repository hooks - in the description there is written “Admin access to repository hooks and services” which sounds dangerous. I really would like to allow such permissions only to a single repository instead of all repositories related to my github account.
At the end I accepted it with a little fear and wanted to continue. But when I am on share.streamlit.io, and I press “New app” button (or even the “From existing repo…”), streamlit starts to require even more permissions:
Repositories Public and private
This application will be able to read and write all public and private repository data . This includes the following:
…
Why should I allow such permissions when I just want to share a single application from a single public repository?!
Fortunately I was able to add the application via the direct link: share.streamlit.io/deploy.
Could you improve documentation and better explain why do you need the required permissions or even better, would it be possible to give users more power to choose what permissions will they allow to streamlit?
The access requirements to all private repos and organizations is such a deal-breaker and doesn’t make any sense for just hosting an app in public repo. I am surprised more people haven’t asked for this change. Hopefully more comments bump this up.
I would also like to set permissions ala carte, but for reference from the docs:
Why does Streamlit require additional OAuth scope?
In order to deploy your app, Streamlit requires access to your app’s source code in GitHub and also the ability to manage the public keys associated with the repositories. The default GitHub OAuth scopes are sufficient to work with apps in public GitHub repositories. However, in order to work with apps in private GitHub repositories, Streamlit requires the additional repo OAuth scope from GitHub. We recognize that this scope provides Streamlit with extra permissions that we do not really need, and which, as people who prize security, we’d rather not even be granted. Alas, we need to work with the APIs we are provided by GitHub.
Thanks for stopping by! We use cookies to help us understand how you interact with our website.
By clicking “Accept all”, you consent to our use of cookies. For more information, please see our privacy policy.
Cookie settings
Strictly necessary cookies
These cookies are necessary for the website to function and cannot be switched off. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms.
Performance cookies
These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us understand how visitors move around the site and which pages are most frequently visited.
Functional cookies
These cookies are used to record your choices and settings, maintain your preferences over time and recognize you when you return to our website. These cookies help us to personalize our content for you and remember your preferences.
Targeting cookies
These cookies may be deployed to our site by our advertising partners to build a profile of your interest and provide you with content that is relevant to you, including showing you relevant ads on other websites.