Skip to content

Private mode: scout your own private contributions, in the browser #52

Description

@Pierry

What's the idea

Right now, GitFut scouts profiles based only on public activity, since the server uses a shared token. I'd love an opt-in "private mode" where the scout runs in the visitor's own browser with their own GitHub token, so the card can include the private contributions that the viewer is actually allowed to see (their own private repos and teammates within a shared org).

It is the same player card and the same scoring, just with the private numbers folded in for people who opt in. Nothing changes for anyone else.

Problem it solves

A lot of real work never shows up publicly. For anyone who works mostly in private or company repos, their public card looks almost empty even though they ship a ton. Public GitFut cannot see that, and it should not (shared token, privacy). But the viewer themselves can see their own private counts, so if the scout runs client-side with their token, the card finally reflects the work they actually do.

How it might work

An MVP, fully additive and opt-in:

  1. A small "Private" button in the corner, next to the GitHub star. The home stays exactly as it is.
  2. It opens a dialog where you paste a fine-grained, read-only token.
  3. The scout runs in the browser, calling api.github.com directly with your token. The GraphQL contributionsCollection already returns restrictedContributionsCount for the authenticated viewer, so no new fields are needed.
  4. It reuses the existing pipeline unchanged: the same GraphQL query, signalsFromPayload, and buildCard.
  5. The card renders in the same ResultView, with a toggle to include or exclude the private counts.

Because it runs client-side, it never touches the server or the Redis cache, and there is no shared URL for a private card (it is shown, not navigated to).

Security

This is the part I care about most, since it involves a token:

  1. The token is sent to exactly one place, api.github.com over HTTPS. Never to gitfut's servers, never logged, never in a URL.
  2. It is kept only in memory for the tab. Nothing is written to storage, so there is nothing to leak at rest, and closing the tab forgets it.
  3. The UI asks for a fine-grained, read-only token, so it is least privilege by default.

Screenshots

The button sits quietly next to the GitHub star, and opens a small dialog that explains exactly how the token is handled:

Image Image

Notes

I already have a working prototype that follows the contributing guide: lint, build, and tests are green, it adds a test, and it touches only one existing file (the app shell, to mount the button). Everything else is new files under lib/private and components/private. Happy to open a PR if you are up for the feature. Wanted to run the idea by you first.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions