10

I've got a repo that will contain sensitive information, so in GitHub I made it private. After doing so, however, this message is now displayed:

Caution: This repository is private but the published site will be public.

Can someone help me to understand what this message means? Also, since I need to keep these sensitive files secure, what security considerations should be made?

Thank you in advance.

M. Smith
  • 345
  • 3
  • 13

1 Answers1

21

It means that information stored in gh-pages branch of your repository will be publicly available via GitHub pages via http://<username>.github.io/<projectname>.

gh-pages branch is special branch, which content is automatically published by mechanism called Github Pages.

Here is an example. I've created private repo private_with_pages. You can not see it because, well, it's private. Nevertheless, file index.html, stored in branch gh-pages, is publicly available.

Now in settings of the github repository I see message “Caution: This repository is private but the published site will be public.”

According to this help page the only way to disable this feature is remove gh-pages branch from github. How to remove remote branch is described here.

See related question: Private pages for a private Github repo

blacktide
  • 10,654
  • 8
  • 33
  • 53
olmstad
  • 686
  • 5
  • 9
  • What exactly is the gh-pages brancch? I've done some searching and can't locate a solid answer. Also, what data is available in this public gh-pages branch? I need all of the content pushed to this repo to stay private and secure. Thanks. – M. Smith Jul 25 '16 at 17:34
  • First, check out `http://.github.io/`. If there is some information you want to keep private, delete remote `gh-pages` branch . – olmstad Jul 25 '16 at 18:41