Skip to content

Public Github packages used as dependencies in a maven project cant be accessed by LGTM #530

Answered by aibaars
Lmnoppy asked this question in Q&A
Discussion options

You must be logged in to vote

The Authenticating to GitHub Packages section in the documentation explains how to configure authentication with a personal access token (PAT). Unfortunately, LGTM does not provide a way to securely include credentials such as a PAT in its configuration files. Including plain text credentials in configuration files would be risky, and I'd recommend against taking that approach.

If you only have one (or very few) dependencies that are (small) open-source projects, then it is probably best to create an .lgtm.yml configuration that git clones the dependencies and mvn installs them in a before_index script defined in an lgtm.yml file. That way mvn should be able to find them without having to…

Replies: 1 comment 1 reply

Comment options

You must be logged in to vote
1 reply
@Lmnoppy
Comment options

Answer selected by Lmnoppy
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Category
Q&A
Labels
None yet
2 participants