Home/ Questions/Q 7606045
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-31T00:18:47+00:00

I have a requirement where certain code cannot be seen by all developers, but

  • 0

I have a requirement where certain code cannot be seen by all developers, but it’s required for the full functional system.

So regular developers will be able to pull the main parts and authorized dev or manager will pull the rest and provide the artifact for the rest.

So for instance in SQL I have individual SQL files per SP. 2 of these SPs must be installed on the SQl server as encrypted SPs. The regular dev will pull and deploy everything but those 2 SPs and then the manager will pull the 2 SPs and install them for the dev.

There is very few cases like that in the project structure. So what is the best way to handle this?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    That’s an interesting setup. I’ve seen where people are not allowed to commit to a repository, but very few where people are not even allowed to look at the files that it contains — especially developers. There are a couple of suggestions:

    • Two Separate Repositories: This keeps the hidden code more easily hidden. Building is a bit more difficult, but the security is simple: Users have access to the repository, or they don’t.
    • Specifying Individual Directories: You can specify who has read/write requirements upon individual directories. This must be handled via the front-end security access, and not pre-commit scripts. Path-Based Authorization is discussed in the Subversion manual. Word of warning: Any change in authorization requires you to restart your Subversion repository server. It all depends whether you’re using http:// or svn:// as your repository server.

    I highly recommend using a completely separate repository for the secret code.

    • 0