About published packages
You can help people understand and use your package by providing a description and other details like installation and usage instructions on the package page. GitHub Enterprise Cloud provides metadata for each version, such as the publication date, download activity, and recent versions. For an example package page, see @Codertocat/hello-world-npm.
您可以在公共仓库中发布包(公共包)以与所有人GitHub共享,或者在私有仓库(私有包)中与协作者或组织共享。 A repository can be connected to more than one package. To prevent confusion, make sure the README and description clearly provide information about each package.
If a new version of a package fixes a security vulnerability, you should publish a security advisory in your repository. GitHub reviews each published security advisory and may use it to send Dependabot 警报 to affected repositories. For more information, see "About GitHub Security Advisories."
Publishing a package
You can publish a package to GitHub Packages using any supported package client by following the same general guidelines.
- Create or use an existing access token with the appropriate scopes for the task you want to accomplish. For more information, see "About permissions for GitHub Packages."
- Authenticate to GitHub Packages using your access token and the instructions for your package client.
- Publish the package using the instructions for your package client.
For instructions specific to your package client, see "Working with a GitHub Packages registry."
After you publish a package, you can view the package on GitHub. For more information, see "Viewing packages."