Why can't we have private forks of public repositories?

[florinbarbisch]

Select Topic Area

Product Feedback

Body

Like I get the whole contributing back to the main repository part, but if I fork a public repository and wanna do something that will contain my personal information, I don't want to be forced to have my fork public. It's my personal information and no one in public internet needs to know this (e.g. street where I live).

I know that I can essentially duplicate the repo or go to full lengths to anonymize my information (i.e. put info in .env variables or a file not tracked by git and use jupytext instead jupyternotebooks). It's not that it is impossible. It's just that we can't have nice things.

[Golevka2001]

Reasons

From the platform's perspective, maintaining consistent visibility is a method to simplify permission and visibility management. Imagine this scenario: You create a PR from a private fork to the upstream repository. In this case, would the fork remain private during the review process? And if it stays private, how would the review work 🤔?

From the user's perspective, keeping association with the upstream repository is likely for the purpose of having contributions merged (though this might not be entirely the case, it’s how I personally see it). Otherwise, one could choose to leave the fork network or simply clone the repository.

Solution

In the Settings of your fork repository, under the General > Danger Zone section, you can find Leave fork network. This will allow your fork repository to be unlinked from the upstream repository.

After waiting for a short period (around 1 minute), you will be able to change its visibility.

Additionally, the methods you mentioned, such as "duplicating the repository" and "anonymizing your information," are also perfectly valid approaches.

I hope this helps 😃.

[BobVanB]

Proposal for Private Fork Option

I’m experiencing the same issue with a company repository. I have private information that is not released by the company, and I want to create a private fork that uses this information.
Currently, the option is:

Change repository visibility
For security reasons, you cannot change the visibility of a fork.

I would like to propose an alternative:

Make private – upstream fork owners will still have full read access to this repository.
No need to explicitly grant them access. Pull request branches will remain visible in the upstream repository.
Caution: Be mindful when sharing private information in pull requests.

This approach would allow me to use private information in my repository while still contributing meaningful pull requests to the community.