How to Make a GitHub Repository Private (Step-by-Step)
Change your GitHub repo from public to private in two clicks. Here's exactly what to do, what changes, and what to watch out for before you flip the switch.
Why Make a Repo Private?
Code starts public for lots of good reasons. You wanted quick feedback, you were exploring an idea, or you just didn't think much about it when you created the repo. Then something changes.
Maybe you committed an API key by accident. Maybe a client project doesn't belong on your public GitHub profile. Maybe you're building something competitive and don't want anyone watching your commits. Whatever the reason, making a repository private is a straightforward job — but a few things change when you do it. Knowing those things in advance saves you a real headache.
This guide covers every method: web UI, GitHub CLI, and API. It also covers what actually changes, what doesn't, and the mistakes that trip people up.
How to Make a GitHub Repository Private (Web UI)
This is the fastest method. Takes about 30 seconds.
Step 1: Open repository settings
Go to your repository on GitHub. Click the Settings tab in the top navigation bar. If you don't see Settings, you're not the repo owner or an admin. You'll need to ask someone with that role to do this.
Step 2: Scroll to the Danger Zone
The visibility controls live at the very bottom of the General settings page, in a section called "Danger Zone." GitHub puts them here because they're significant changes, not things you'd click by accident.
Step 3: Click "Change visibility"
Click the Change visibility button. A confirmation dialog opens.
Step 4: Select "Make private"
Choose Make private from the two options. GitHub prompts you to type the full repository name to confirm you mean it.
Step 5: Confirm
Type owner/repo-name in the text field and click the red confirmation button. That's it.
Access changes immediately. Anyone who wasn't a collaborator will get a 404 error when they try to visit the repo URL. No grace period, no warning to them.
How to Make a GitHub Repository Private (GitHub CLI)
If you prefer the terminal, the GitHub CLI makes this a one-liner.
First, check that you're authenticated:
`bash gh auth status `
Then change the visibility:
`bash gh repo edit owner/repo-name --visibility private `
Replace owner/repo-name with your actual path. Done.
To check the current visibility of any repo before you change it:
`bash gh repo view owner/repo-name --json visibility `
This is useful if you're managing multiple repos and want to audit visibility in a script.
How to Make a GitHub Repository Private (API)
For automation or bulk changes, use the GitHub REST API.
`bash curl -X PATCH \ -H "Authorization: Bearer YOUR_TOKEN" \ -H "Accept: application/vnd.github+json" \ https://api.github.com/repos/owner/repo-name \ -d '{"private": true}' `
Your token needs the repo scope. A fine-grained personal access token with "Repository administration" write permission also works.
Creating a New Repository as Private
If you're starting fresh, set visibility before you push anything. This is simpler than changing it later.
Via the web: On github.com/new, select Private before clicking Create repository.
Via CLI:
`bash gh repo create my-new-repo --private `
Via API:
`bash curl -X POST \ -H "Authorization: Bearer YOUR_TOKEN" \ -H "Accept: application/vnd.github+json" \ https://api.github.com/user/repos \ -d '{"name":"my-new-repo","private":true}' `
GitHub Free supports unlimited private repositories. There's no reason not to start private if you're not sure yet.
What Actually Changes When You Make a Repo Private
This is what most guides skip. Flipping the visibility switch does more than hide your code.
Forks become detached
Any public forks of your repo don't disappear — fork owners still have their copies. But GitHub severs the connection. Fork owners can no longer submit pull requests back to your repo from those forks. If you have active contributors, tell them before you switch.
Stars and watchers reset
Your star count drops to zero and your watchers list clears. GitHub removes these when a repo goes private. You can't preserve them. If you cared about the number, note it before switching.
Issues and pull requests stay intact
Open issues, pull requests, and comments all remain. Your collaborators can still see and interact with everything. Only people who weren't collaborators lose access.
GitHub Pages goes offline
If you had a GitHub Pages site served from this repo, it stops working when you go private. GitHub Pages requires a public repo on free plans. If you have a paid plan (GitHub Pro, Team, or Enterprise), you can keep Pages on a private repo. Check your plan first.
GitHub Actions minutes change
Public repos get unlimited Actions minutes. Private repos on GitHub Free get 2,000 minutes per month. If you run heavy CI pipelines, this matters. Calculate your usage before switching.
External integrations break
Any service that was reading your repo via a public URL stops working. Webhooks, third-party bots, status badges, and CI integrations that point to public endpoints all need updating. Audit your .github/workflows/ directory and any connected apps before you switch.
Making Repos Private on GitLab and Bitbucket
GitHub is the most common platform, but here's how to do it on the others.
GitLab
- 1.Open your project
- 2.Go to Settings > General
- 3.Expand Visibility, project features, permissions
- 4.Change Project visibility to Private
- 5.Click Save changes
GitLab handles forks the same way GitHub does — they become detached copies. Group visibility settings can also override project visibility, so check both if you're in an organization.
Bitbucket
- 1.Open your repository
- 2.Click Repository settings in the left sidebar
- 3.Find Project privacy under Repository details
- 4.Toggle to Private
- 5.Save
Bitbucket sets new repos to private by default. You'd only need this if you'd explicitly made something public.
Common Mistakes to Avoid
Assuming the switch fixes a credential leak
Making a repo private hides it from new visitors. It doesn't erase history. If you committed an API key three commits ago, it's still in every commit since. Anyone who cloned the repo before you switched has a copy with that key.
The right response to a leaked credential: rotate it immediately. That's the critical step. After that, use BFG Repo-Cleaner or git filter-repo to scrub the secret from history, then force-push. Making the repo private is a good precaution, but it's not a fix.
Thinking forks disappear
They don't. If someone forked your repo while it was public, they have a permanent independent copy. You have no control over it. If your repo contains sensitive IP and someone already forked it, the damage may already be done. Act fast before the fork window opens.
Breaking your deployment pipeline
CI/CD pipelines that pull packages, artifacts, or credentials via public GitHub URLs break immediately when you go private. Check all your workflow files and fix any hardcoded public URLs before switching.
Forgetting to tell collaborators
Collaborators don't get notified when you change repo visibility. If someone is mid-PR or mid-code review, the change confuses them. A quick message takes 30 seconds and prevents a lot of frustration.
Can You Make Specific Files or Branches Private?
No. GitHub doesn't support partial privacy. The entire repository is either public or private — there's no in-between.
If you need some code public and some code private, use two repositories. Many teams maintain a public "core" repo and a private one for proprietary extensions or configuration. The Dockerfile or core library is public; the customer-specific configs are private.
For keeping files out of version control entirely, use .gitignore. But .gitignore only works for untracked files. Once something is committed and pushed, it's in history.
FAQ
Can I make a private repo public again?
Yes, any time. Go to Settings > Danger Zone and change visibility to public. Your history, issues, and pull requests all come back. Stars and watchers start fresh.
Do forks of my public repo become private when I switch?
No. Forks are independent copies. They stay at whatever visibility the fork owner set them to. You can't force forks to go private.
What happens to open pull requests?
They stay open. Collaborators can still see and merge them. Contributors who weren't collaborators lose access.
How many private repos can I have on GitHub Free?
Unlimited. GitHub removed the limit on private repos in 2019. You can create as many as you want on a free account.
Does making a repo private affect commit history?
No — your full history stays intact for your collaborators. It just becomes invisible to everyone else.
How many collaborators can I have on a private repo with GitHub Free?
Unlimited. GitHub removed the collaborator limit on private repos in April 2020. You can add as many collaborators as you want on a free account.
Can I make a GitHub Pages site work on a private repo?
Only on paid plans (Pro, Team, Enterprise). On GitHub Free, Pages requires a public repo.
Private Repo, Public Progress
Here's something worth thinking about if you're building a product.
Making your repo private protects your code. It doesn't mean your users should be in the dark about what you're shipping. The two are separate questions.
Indie hackers and solo founders who ship consistently and then never post about it are leaving real growth on the table. You push 40 commits in a sprint and none of your potential users know it happened. That's the silent build-up problem.
The solution isn't making everything public. Your repo can stay private while your progress is visible. A changelog entry takes 5 minutes. A social post takes longer if you're writing it from scratch.
That's the gap Makrly fills. Connect your GitHub account, and every push generates ready-to-post social content for X, LinkedIn, Threads, Bluesky, and Facebook — plus a changelog entry with an embeddable widget. Private repo, public momentum. Your users see what you're shipping. You spend 60 seconds, not 45 minutes.
Private code doesn't mean hidden progress.