Skip to content

Share files with suppliers

The Supplier Exchange lets you share specific files with someone who has no GitHub account — for example a supplier, manufacturer, or external reviewer. Recipients get a private link; they download files directly without logging in to anything.

How it works

An admin installs the GitMCloud Exchange app once for the account. After that, anyone with a permitted role can create a share — a named bundle of files with an optional password and expiry date. Recipients open the share link in any browser and download the files. GitMCloud logs every download.

Install Exchange for your account (admin, one-time)

Requires: Administrator or Owner role on the repository.

This is a once-per-account step, not once-per-repo. After it's done, sharing works on every repository the account owns — current and future.

  1. Open Settings (gear icon in the top-right) → Exchange tab.
  2. Click Install GitMCloud Exchange on GitHub →.
  3. On GitHub's install screen, choose which repositories to grant access to. Pick All repositories to cover every current and future repo (recommended), or select specific ones.
  4. Click Install. GitHub returns you to GitMCloud and the Exchange tab now shows Active for your account.

No token to create or paste. The app uses short-lived credentials minted automatically — nothing for you to manage or rotate.

To remove Exchange, click Uninstall in the Exchange tab (or uninstall the app from GitHub → Settings → Applications → Installed GitHub Apps). Existing share links stop working immediately.

Set the access policy (admin, per repository)

Each repository has its own access policy, set in Settings → Exchange:

  • Roles allowed to create share links — Engineer / Manager / Administrator / Owner.
  • Allow sharing native SolidWorks files (.SLDPRT / .SLDASM).
  • Require a password on every share, and default / maximum expiry caps.

The policy lives in .gitm/exchange-config.json in that repository, so different projects can have different sharing rules. Installing the app (account-wide) and setting the policy (per-repo) are separate steps.

Create a share

Requires: a role permitted by the repository's access policy (Engineer and above by default — see the policy section above).

  1. Open the Files tab and click 🔗 Share in the toolbar to enter selection mode.
  2. Tick the files you want to share (use Select all / search to narrow the list).
  3. Click Share with Supplier (N) to open the dialog.
  4. In the dialog:
  5. Note (optional) — a label visible to you and the recipient (e.g. "Rev B drawings").
  6. Expires — within the policy's maximum-expiry cap.
  7. Password — optional, unless the policy requires one.
  8. Click Create. GitMCloud writes the share record to .gitm/shares.json and displays the link. Copy it and send it to your recipient.

The link format is https://gitmcloud.gojain.com/#/exchange/<owner>/<repo>/s/<shareId>.

What recipients see

Recipients open the share link in a browser. No login, no GitHub account required.

  • The share shows the note, file list, and individual Download buttons.
  • If the share has more than one file and the total size is ≤ 50 MB, a Download all as ZIP button appears.
  • If a password was set, recipients must enter it first (10 wrong attempts locks them out for 15 minutes).
  • Expired or revoked shares show "This link is no longer available."

Manage shares

In the Team tab → Shares section each share row shows:

  • Note and creation date.
  • Status: active, or a badge for Expired / Revoked.
  • Expiry warning — a ⚠ badge appears when a share expires within 3 days (e.g. ⚠ 2d for two days remaining, ⚠ Today for expiry today).
  • Files count, and a lock icon if password-protected.
  • Revoke button — immediately invalidates the link (cannot be undone).

Download logging

Every file download through a share link is appended to .gitm/share-log.jsonl in the repository. Each log entry records the share ID, filename, timestamp, and anonymised IP. Only people with repository access can read the log.

Expected result

  • Recipients download the shared files without needing a GitHub account or GitMCloud login.
  • Downloads appear in .gitm/share-log.jsonl.

Troubleshooting

Symptom Cause Fix
"Supplier exchange is not active" The Exchange app isn't installed for this account, or doesn't have access to this repo Admin: Settings → Exchange → Install; on GitHub, ensure the install covers this repository
Exchange tab shows "Not installed" after installing The post-install redirect didn't complete Re-open Settings → Exchange and refresh; or re-run GitHub → Settings → Applications → Installed GitHub Apps → GitMCloud Exchange → Configure → Save
"This link is no longer available" Share expired, revoked, or share ID wrong Check the share in Team → Shares; create a new one if needed
"Too many attempts" on password 10 failed password attempts Wait 15 minutes for the lockout to clear
"Download all as ZIP" button not shown Share has only one file, or total size > 50 MB Download files individually for large shares

Known limitations

  • Share links are not secret by themselves — anyone with the URL can attempt to open the share (password protection adds a second layer). Don't embed share links in public places.
  • The ZIP download is limited to 50 MB total uncompressed size; larger shares must be downloaded file by file.
  • Exchange requires the GitMCloud Exchange GitHub App to be installed for the account, with Contents: read & write access (write is used only to append the download log). The app uses short-lived credentials and is never exposed to recipients.
  • GitMCloud cannot currently preview files on the share recipient page — download only.