About permissions for GitHub Packages

Learn about how to manage permissions for your packages.

GitHub Package Registry is available with GitHub Free, GitHub Pro, GitHub Free for organizations, GitHub Team, GitHub Enterprise Cloud, GitHub Enterprise Server, and GitHub AE.

Permissions for repository-scoped packages

A repository-scoped package inherits the permissions and visibility of the repository that owns the package. You can find a package scoped to a repository by going to the main page of the repository and clicking the Packages link to the right of the page.

The GitHub Package Registry registries below use repository-scoped permissions:

  • Docker registry (docker.pkg.github.com)
  • npm registry
  • RubyGems registry
  • Apache Maven registry
  • NuGet registry

Sobre escopos e permissões para registros de pacotes

To use or manage a package hosted by a package registry, you must use a token with the appropriate scope, and your user account must have appropriate permissions.

Por exemplo:

  • To download and install packages from a repository, your token must have the read:packages scope, and your user account must have read permission.
  • Para obter mais informações, consulte "Excluindo e restaurando um pacote.
EscopoDescriçãoPermissão necessária
read:packagesFaça o download e instale pacotes do GitHub Package Registryleitura
write:packagesFaça o upload e publique os pacotes em GitHub Package Registrygravação
delete:packages
Excluir pacotes de GitHub Package Registry
administrador
repoFaça o upload e exclua os pacotes (junto com write:packages ou delete:packages)write or admin

Ao criar um fluxo de trabalho de GitHub Actions, você pode usar o GITHUB_TOKEN para publicar e instalar pacotes no GitHub Package Registry sem precisar armazenar e gerenciar um token de acesso pessoal.

For more information, see:

Maintaining access to packages in GitHub Actions workflows

To ensure your workflows will maintain access to your packages, ensure that you're using the right access token in your workflow and that you've enabled GitHub Actions access to your package.

For more conceptual background on GitHub Actions or examples of using packages in workflows, see "Managing GitHub Packages using GitHub Actions workflows."

Access tokens

  • To publish packages associated with the workflow repository, use GITHUB_TOKEN.
  • To install packages associated with other private repositories that GITHUB_TOKEN can't access, use a personal access token

For more information about GITHUB_TOKEN used in GitHub Actions workflows, see "Authentication in a workflow."

Esse documento ajudou você?Política de Privacidade

Ajude-nos a tornar esses documentos ótimos!

Todos os documentos do GitHub são de código aberto. Você percebeu que algo que está errado ou não está claro? Envie um pull request.

Faça uma contribuição

Ou, aprenda como contribuir.