Version control is pivotal to any development process. It enables developers to track and manage changes made in projects, ensuring efficient collaboration and progress. In the world of version control systems, one of the most commonly used is Git, with GitHub providing a fantastic platform for managing Git repositories.
A significant feature provided by GitHub is ‘Releases’, enabling developers to manage different versions of their software and package them conveniently for users. Along with these, pip plays a crucial role as a package manager, allowing the installation of specific releases conveniently.
In this expanded edition of our blog post, we will deep dive into the process of creating releases on GitHub, handling versions in both private and public repositories, and authenticating with personal access tokens.
Creating a Release on GitHub
Let’s cover the steps to add a release to your GitHub repository:
- Navigate to your GitHub repository’s main page.
- Under your repository name, click on Releases.
- On the new page that opens, click on Draft a new release.
- Fill in the Tag version field with the version number (ex. v1.0).
- Optionally, provide a release title and describe the changes in this version in the description box.
- Once you’ve filled in the necessary information, click Publish release.
Voila! You have successfully created a new version of your repository.
Authenticating with Personal Access Tokens in pip
Now that we understand creating GitHub releases, let’s delve into installing a specific release using pip with authentication when dealing with private repositories.
Assuming you need to access a private repository in your organization under your personal GitHub account, you can generate a personal access token and use it in pip’s install command:
pip install git+https://user_name:<access_token>@github.com/company_username/repo.git@version |
In the above command, replace user_name with your personal GitHub username, <access_token> with your GitHub access token, company_username with the organization’s GitHub username, and version with the version tag you wish to install.
Including Private Repos in requirements.txt
It’s common practice to include dependencies in a requirements.txt file in Python projects. If your project includes a dependency hosted in a private repository, you can include the repository in your requirements.txt file as follows:
git+https://user_name:<access_token>@github.com/company_username/repo.git@version |
In the command above, user_name is your GitHub username, and <access_token> is the token generated from your GitHub account, company_username is the GitHub username of the organization, and version is the release tag.
As these tokens are highly sensitive, handling them securely is crucial. Avoid hardcoding your access tokens in your code or files and consider using environment variables or protected configuration files for better security.
