github
html_url | issue_url | id | node_id | user | created_at | updated_at | author_association | body | reactions | issue | performed_via_github_app |
---|---|---|---|---|---|---|---|---|---|---|---|
https://github.com/simonw/datasette/issues/950#issuecomment-680262437 | https://api.github.com/repos/simonw/datasette/issues/950 | 680262437 | MDEyOklzc3VlQ29tbWVudDY4MDI2MjQzNw== | 9599 | 2020-08-25T20:49:24Z | 2023-08-23T21:34:09Z | OWNER | The alternative to this would be to use regular databases and control access to them using [Authentication and permissions](https://docs.datasette.io/en/stable/authentication.html). My concern there is that it's just too easy for someone to mess up their configuration, which would be really bad. I like the idea of a much stronger defense mechanism specifically designed for secrets that should not be exposed. Outside of secrets, passwords and tokens this mechanism could also be useful for the use-case of using Datasette to power websites - as seen on https://www.niche-museums.com/ and https://www.rockybeaches.com/ - maybe those sites don't want to expose their data through their API but still want to use `datasette-template-sql` and the `graphql()` template tag in `datasette-graphql` to render data. | { "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
685806511 | |
https://github.com/simonw/datasette/issues/950#issuecomment-680264202 | https://api.github.com/repos/simonw/datasette/issues/950 | 680264202 | MDEyOklzc3VlQ29tbWVudDY4MDI2NDIwMg== | 9599 | 2020-08-25T20:53:13Z | 2020-08-25T20:53:13Z | OWNER | Forcing people to spell out `datasette github.db --private private.db` isn't terrible though. | { "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
685806511 | |
https://github.com/simonw/datasette/issues/950#issuecomment-680263999 | https://api.github.com/repos/simonw/datasette/issues/950 | 680263999 | MDEyOklzc3VlQ29tbWVudDY4MDI2Mzk5OQ== | 9599 | 2020-08-25T20:52:47Z | 2020-08-25T20:52:47Z | OWNER | Naming challenge: secret databases or private databases? I prefer private. But `datasette -p` is already taken by `--port`. `datasette -s` is currently available. | { "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
685806511 | |
https://github.com/simonw/datasette/issues/950#issuecomment-680263427 | https://api.github.com/repos/simonw/datasette/issues/950 | 680263427 | MDEyOklzc3VlQ29tbWVudDY4MDI2MzQyNw== | 9599 | 2020-08-25T20:51:30Z | 2020-08-25T20:52:13Z | OWNER | `datasette-graphql` currently dispatches requests through the `TableView` class, so if that couldn't access private databases then it would not be able to either. See also the concept for `datasette.get(...)` as an internal API in #943 - that might need to have a mechanism for also being able to query private databases, maybe `datasette.get(path, allow_private=True)`. | { "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
685806511 |