Making a GitHub repository private takes less than a minute. Go to your repository's Settings, scroll to the Danger Zone at the bottom, click Change visibility, select Make private, and confirm by typing the repository name. Private repositories are only visible to you and people you explicitly invite as collaborators.
Public vs. Private Repositories on GitHub
Every GitHub repository is either public (visible to everyone on the internet) or private (visible only to you and invited collaborators). When you build an app with an AI tool like Lovable or V0, the generated repository is often public by default. This means anyone can see your source code, configuration files, and commit history. For most projects — especially commercial products — you want a private repository. Private repos protect your intellectual property, prevent competitors from copying your code, and hide any sensitive configuration. GitHub's free plan includes unlimited private repositories with unlimited collaborators, so there is no cost to switching. The only trade-off is that private repos cannot host GitHub Pages sites on the free plan and public forks will be disconnected.
Prerequisites
- A free GitHub account
- A public repository that you own (you must be the owner, not just a collaborator)
- A modern web browser
Step-by-step guide
Navigate to your repository Settings
Navigate to your repository Settings
Go to github.com and open the repository you want to make private. Look at the horizontal tab bar near the top — you will see Code, Issues, Pull requests, and at the far right, "Settings" (it has a gear icon). Click "Settings." If you do not see the Settings tab, you are not the repository owner — only owners can change visibility. The Settings page opens to the General section by default.
Expected result: You see the repository Settings page with sections like Repository name, Default branch, and Features.
Scroll to the Danger Zone section
Scroll to the Danger Zone section
Scroll all the way down on the Settings General page. Near the bottom, you will see a section outlined in red called "Danger Zone." This section contains high-impact actions: changing visibility, transferring ownership, archiving, and deleting the repository. The red border is a visual warning that these actions have significant consequences. Look for the row that says "Change repository visibility."
Expected result: You see the Danger Zone section with a "Change visibility" button in the row labeled Change repository visibility.
Click Change visibility and select Make private
Click Change visibility and select Make private
Click the "Change visibility" button. A dialog box appears with two options: "Make private" and "Make public" (if the repo is already public, you will see Make private). Select "Make private." GitHub will show you a list of consequences — forks will be disconnected, the repository will be removed from search results, and GitHub Pages will be disabled on free plans. Read these carefully. If everything looks acceptable, proceed to the confirmation step.
Expected result: A confirmation dialog appears asking you to type the repository name to confirm the visibility change.
Confirm by typing the repository name
Confirm by typing the repository name
GitHub requires you to type the full repository name (in the format "your-username/repository-name") into a text field to confirm the change. This safety measure prevents accidental visibility changes. Type the name exactly as shown — it is case-sensitive. Once you have typed it correctly, the "I understand, change repository visibility" button becomes active. Click it. The repository is now private immediately.
Expected result: The repository is now private. The Settings page refreshes and the visibility indicator changes to Private.
Invite collaborators who need access
Invite collaborators who need access
Since the repository is now private, only you can see it. To give access to teammates, go to Settings and click "Collaborators" in the left sidebar (under the Access section). Click the green "Add people" button. Search for a teammate's GitHub username or email address, select them, and click "Add." They will receive an email invitation that they must accept before they can access the repository. You can also set permission levels: Read (view only), Write (edit and push), or Admin (full control including settings).
Expected result: Your collaborators list shows the invited teammates with their permission levels and invitation status.
Complete working example
1# Repository Access Policy23## Visibility4This repository is PRIVATE. Only invited collaborators can view it.56## Permission Levels7| Role | Permission | What They Can Do |8|-------------------|------------|-------------------------------------|9| Founder / Owner | Admin | Full control, settings, billing |10| Developer | Write | Push code, merge PRs, manage issues |11| Designer / PM | Write | Edit files, create issues, review |12| External reviewer | Read | View code and issues, leave comments|1314## Adding Collaborators151. Go to Settings → Collaborators162. Click "Add people"173. Search by GitHub username184. Select the appropriate permission level195. They must accept the email invitation2021## Removing Access22- Go to Settings → Collaborators23- Click the "Remove" button next to the person24- Their access is revoked immediately2526## AI Tool Access27- Lovable: reconnect after visibility change if needed28- V0: GitHub integration works with private repos29- Cursor: local clone works regardless of visibilityCommon mistakes when making a GitHub Repository Private
Why it's a problem: Forgetting that collaborators need to be re-invited if they were previously using public access
How to avoid: After making a repository private, check the Collaborators list and make sure everyone who needs access has been explicitly invited.
Why it's a problem: Not checking for secrets in the commit history before making the repo private
How to avoid: If the repository was public, any secrets (API keys, passwords) in the commit history may have been exposed. Rotate all secrets even after making the repo private.
Why it's a problem: Trying to change visibility as a collaborator instead of the owner
How to avoid: Only the repository owner can change visibility. If you are a collaborator, ask the owner to make the change in Settings.
Why it's a problem: Assuming that making a repo private hides the commit history retroactively
How to avoid: Making a repo private stops new access, but anyone who previously viewed or cloned the public repo still has that copy. If sensitive data was exposed, rotate credentials immediately.
Best practices
- Make repositories private before pushing any code if your project is commercial
- Rotate any API keys or secrets that were ever committed to a public repository
- Use the minimum permission level for each collaborator (Read, Write, or Admin)
- Check the Collaborators list after changing visibility to ensure the right people have access
- Reconnect AI tools like Lovable after changing repository visibility
- Document your access policy so new team members know the rules
- Use GitHub's built-in secret scanning (available on public repos and paid plans) to detect exposed credentials
Still stuck?
Copy one of these prompts to get a personalized, step-by-step explanation.
I just made my GitHub repository private. Explain what I should check to make sure no sensitive data was exposed when it was public, and how to rotate API keys for services like Supabase and Stripe.
Frequently asked questions
Is it free to make a GitHub repository private?
Yes. GitHub's free plan includes unlimited private repositories with unlimited collaborators. There is no cost to change a public repository to private.
What happens to forks when I make a repository private?
Public forks become independent repositories. They keep their existing code but will no longer receive updates from your repository. Private forks within the same organization remain connected.
Will my AI tool (Lovable, V0, Cursor) still work with a private repository?
Yes, as long as the AI tool is authorized to access your GitHub account. You may need to reconnect the integration in the AI tool's settings after changing visibility.
Can I make the repository public again later?
Yes. Go to Settings, scroll to Danger Zone, click Change visibility, and select Make public. Be very careful — this exposes all code and commit history to the internet.
Does making a repo private delete any data?
No. All code, issues, pull requests, and commit history are preserved. The only change is who can see the repository.
Can RapidDev help secure my GitHub repository?
Yes. RapidDev helps non-technical founders set up private repositories, configure collaborator permissions, rotate exposed credentials, and connect AI tools securely.
How do I check if my repository has any exposed secrets?
GitHub has a built-in secret scanning feature that detects exposed API keys and tokens. On paid plans, go to Settings, then Code security and analysis, and enable Secret scanning. For free plans, manually search your code for API key patterns.
Talk to an Expert
Our team has built 600+ apps. Get personalized help with your project.
Book a free consultation