GuidelinesDevelopment Guidelines
Private Repository Management
Strategies for secure access, public distribution, and artifact delivery
Three complementary strategies for managing private repository access while balancing security, modularity, and distribution.
Overview
| Strategy | Purpose | Use Case |
|---|---|---|
| Runtime Access | Secure authenticated execution | CLI tools, versioned scripts |
| JSR Packages | Public utility distribution | Common libraries, utilities |
| Release Artifacts | Binary/data delivery | Databases, compiled assets |
Strategy 1: Secure Runtime Access
Enable authenticated access to private code at runtime without local clones.
Configuration
# Set authentication tokens
export DENO_AUTH_TOKENS="your_token_here@raw.githubusercontent.com"
export GH_TOKEN="your_token_here"
# Fetch and execute
curl -H "Authorization: Bearer $GH_TOKEN" \
-o import_map.json \
https://raw.githubusercontent.com/org/repo/refs/tags/v1.0.0/import_map.json \
&& deno run -A --import-map=import_map.json \
https://raw.githubusercontent.com/org/repo/refs/tags/v1.0.0/bin/your_tool.tsKey Components
| Component | Purpose | Format |
|---|---|---|
| DENO_AUTH_TOKENS | Module fetching auth | token@domain |
| GH_TOKEN | GitHub API access | Personal access token |
| Import Maps | Dependency resolution | JSON configuration |
Benefits
- No repository cloning required
- Version-controlled execution via tags
- Environment-based credentials
- CI/CD compatible
Strategy 2: Public Package Distribution
Extract reusable functionality as public JSR packages.
Published Packages
// Import from JSR - no authentication needed
import { tap } from "@spry/tap";
import { spawn } from "@spry/spawn";
import { reflect } from "@spry/reflect";
import { extend } from "@spry/extend";
import { universal } from "@spry/universal";
import { courier } from "@spry/courier";Package Structure
my-package/
├── deno.json
├── mod.ts
├── src/
│ └── utilities.ts
└── README.mdPublishing
// deno.json
{
"name": "@scope/package-name",
"version": "1.0.0",
"exports": "./mod.ts"
}deno publishBenefits
- No authentication required
- Modular consumption
- Semantic versioning
- Public documentation
Strategy 3: Release Artifacts
Distribute binaries and data through GitHub Releases.
Download Artifacts
curl -L -H "Authorization: Bearer $GH_TOKEN" \
-o database.sqlite \
https://github.com/org/repo/releases/download/v1.0.0/database.sqliteHow is this guide?
Last updated on