Suggestion: Write a standalone tool that does the code extraction step, so someone can run it on their private repository (or checked-out code) and generate the data dump you need.
This mitigates some of the security issues have with granting access to live repositories, as well as opens your service up to people who have code hosted on anything besides Github or Bitbucket hosted services.
Didn't expect this to blow up today. But security was considered from day 0.
- Each time a poster is generated the repo's code is fetched and destroyed.
- Your auth token is cleared after each session.
- For maximum security use Gists!
You can create a private Gist[0] and add all the files you want into it. After that you can just use the Gist's ssh/https url under the "Embed" menu/dropdown.
This will allow you to specify exact files that get cloned.
The service looks awesome and I really want to order some posters for my company. However, I can't grant the kind of access that is being asked for to a private company repository.
The idea of allowing a someone to have the ability to administer/transfer/delete company repositories so that we can print some neat posters is rather unsettling.
I hadn't noticed that I could provide a gist. Just saw that it had Github/Bitbucket integration and went to try that out. I was disappointed when I saw how much control I'd have to allow in order to use that integration and didn't go back to see if there were other options.
Aside from being more thorough in my inspection of the site, it might help to make that portion of the site more obvious given how many people came to this thread and made the same general comment about security/permissions.
I want to order a poster but I don't want to give so much access to our company's github. It would be nice if there was an alternative route where I can just copy paste a bunch of code and then start the generating and order process.
I was thinking the same. I can't really tell for sure tho, is it read only access or what?
Edit: Never mind, I figured out how to see what access it was. Btw, Holy shit! Why all this access?? "read and write all public and private repository data"
Unfortunately, this is all the control Github provides on their scopes. There is no read only for repos scope. The only scope it asks for is 'repo' and email as an identifier[0]
When I graduate from college I'm going to glob all of the code I've ever written for side projects and all of the code I've done for homeworks together and print it out via this service.
Should make for a very nice piece of paper that I'll put next to my other piece of paper (my degree). I'm pretty sure I'll be more proud of this then I will of my degree.
It is not so simple. The characters are not the same colour as in the image. Look at the eyes and the nose for example. It seems to be doing a more advanced kind of image feature detection.
It is, just the white pixels on the image are black text on the poster, and the same with black pixels, so Gopher's eyes (and the other black parts) disappear.
There is a Light Text option, with that white pixels are grey so you can see the eyes :)
Great job - ordering was streamlined and the process was really smooth -- I was expecting the generated image to auto-update when I was making selections, but I can imagine that is process intensive so it makes sense how it behaves. Looking forward to our poster.
Enhancement idea: RegExp field to blacklist/whitelist files in the repo (I tried to do this with my PhD thesis but the central part of the image is the boring .bib file). Still, pretty neat!
Reminds me of the old Apple posters with C & Objective-C code on a black background. Does anyone have a link to those? We had them hanging in some of our university classrooms.
This mitigates some of the security issues have with granting access to live repositories, as well as opens your service up to people who have code hosted on anything besides Github or Bitbucket hosted services.