issue_comments

Table actions

6 rows where issue = 685806511 sorted by updated_at descending

View and edit SQL

This data as json, CSV (advanced)

Suggested facets: created_at (date), updated_at (date)

user 1

issue 1

  • Private/secret databases: database files that are only visible to plugins · 6

author_association 1

id html_url issue_url node_id user created_at updated_at ▲ author_association body reactions issue performed_via_github_app
1692494455 https://github.com/simonw/datasette/issues/950#issuecomment-1692494455 https://api.github.com/repos/simonw/datasette/issues/950 IC_kwDOBm6k_c5k4Wp3 simonw 9599 2023-08-24T22:26:08Z 2023-08-24T22:26:08Z OWNER

Closing this issue in favour of this one: - #2157 

{
    "total_count": 0,
    "+1": 0,
    "-1": 0,
    "laugh": 0,
    "hooray": 0,
    "confused": 0,
    "heart": 0,
    "rocket": 0,
    "eyes": 0
}
 Private/secret databases: database files that are only visible to plugins 685806511  
680262437 https://github.com/simonw/datasette/issues/950#issuecomment-680262437 https://api.github.com/repos/simonw/datasette/issues/950 MDEyOklzc3VlQ29tbWVudDY4MDI2MjQzNw== simonw 9599 2020-08-25T20:49:24Z 2023-08-23T21:34:09Z OWNER

The alternative to this would be to use regular databases and control access to them using Authentication and permissions. My concern there is that it's just too easy for someone to mess up their configuration, which would be really bad. I like the idea of a much stronger defense mechanism specifically designed for secrets that should not be exposed.

Outside of secrets, passwords and tokens this mechanism could also be useful for the use-case of using Datasette to power websites - as seen on https://www.niche-museums.com/ and https://www.rockybeaches.com/ - maybe those sites don't want to expose their data through their API but still want to use datasette-template-sql and the graphql() template tag in datasette-graphql to render data.

 
{
    "total_count": 0,
    "+1": 0,
    "-1": 0,
    "laugh": 0,
    "hooray": 0,
    "confused": 0,
    "heart": 0,
    "rocket": 0,
    "eyes": 0
}
 Private/secret databases: database files that are only visible to plugins 685806511  
680374196 https://github.com/simonw/datasette/issues/950#issuecomment-680374196 https://api.github.com/repos/simonw/datasette/issues/950 MDEyOklzc3VlQ29tbWVudDY4MDM3NDE5Ng== simonw 9599 2020-08-26T00:43:50Z 2020-08-26T00:43:50Z OWNER

The problem with the term "private" is that it could be confused with the concept of databases that aren't visible to the public due to the permissions system - the ones that are displayed with the padlock icon e.g. on https://datasette-auth-passwords-demo.datasette.io/

So I think "secret" is a better term for these.

 
{
    "total_count": 0,
    "+1": 0,
    "-1": 0,
    "laugh": 0,
    "hooray": 0,
    "confused": 0,
    "heart": 0,
    "rocket": 0,
    "eyes": 0
}
 Private/secret databases: database files that are only visible to plugins 685806511  
680264202 https://github.com/simonw/datasette/issues/950#issuecomment-680264202 https://api.github.com/repos/simonw/datasette/issues/950 MDEyOklzc3VlQ29tbWVudDY4MDI2NDIwMg== simonw 9599 2020-08-25T20:53:13Z 2020-08-25T20:53:13Z OWNER

Forcing people to spell out datasette github.db --private private.db isn't terrible though.

 
{
    "total_count": 0,
    "+1": 0,
    "-1": 0,
    "laugh": 0,
    "hooray": 0,
    "confused": 0,
    "heart": 0,
    "rocket": 0,
    "eyes": 0
}
 Private/secret databases: database files that are only visible to plugins 685806511  
680263999 https://github.com/simonw/datasette/issues/950#issuecomment-680263999 https://api.github.com/repos/simonw/datasette/issues/950 MDEyOklzc3VlQ29tbWVudDY4MDI2Mzk5OQ== simonw 9599 2020-08-25T20:52:47Z 2020-08-25T20:52:47Z OWNER

Naming challenge: secret databases or private databases?

I prefer private. But datasette -p is already taken by --port. datasette -s is currently available.

 
{
    "total_count": 0,
    "+1": 0,
    "-1": 0,
    "laugh": 0,
    "hooray": 0,
    "confused": 0,
    "heart": 0,
    "rocket": 0,
    "eyes": 0
}
 Private/secret databases: database files that are only visible to plugins 685806511  
680263427 https://github.com/simonw/datasette/issues/950#issuecomment-680263427 https://api.github.com/repos/simonw/datasette/issues/950 MDEyOklzc3VlQ29tbWVudDY4MDI2MzQyNw== simonw 9599 2020-08-25T20:51:30Z 2020-08-25T20:52:13Z OWNER

datasette-graphql currently dispatches requests through the TableView class, so if that couldn't access private databases then it would not be able to either. See also the concept for datasette.get(...) as an internal API in #943 - that might need to have a mechanism for also being able to query private databases, maybe datasette.get(path, allow_private=True).

 
{
    "total_count": 0,
    "+1": 0,
    "-1": 0,
    "laugh": 0,
    "hooray": 0,
    "confused": 0,
    "heart": 0,
    "rocket": 0,
    "eyes": 0
}
 Private/secret databases: database files that are only visible to plugins 685806511  

Advanced export

JSON shape: default, array, newline-delimited, object

CSV options: 

CREATE TABLE [issue_comments] (
   [html_url] TEXT,
   [issue_url] TEXT,
   [id] INTEGER PRIMARY KEY,
   [node_id] TEXT,
   [user] INTEGER REFERENCES [users]([id]),
   [created_at] TEXT,
   [updated_at] TEXT,
   [author_association] TEXT,
   [body] TEXT,
   [reactions] TEXT,
   [issue] INTEGER REFERENCES [issues]([id])
, [performed_via_github_app] TEXT);
CREATE INDEX [idx_issue_comments_issue]
                ON [issue_comments] ([issue]);
CREATE INDEX [idx_issue_comments_user]
                ON [issue_comments] ([user]);