You can help people understand and use your package by providing a description and other details like installation and usage instructions on the package page. GitHub provides metadata for each version, such as the publication date, download activity, and recent versions. For an example package page, see @Codertocat/hello-world-npm.
Você pode publicar pacotes em um repositório público (público pacotes) para compartilhar com todo o tipo de GitHub ou em um repositório privado (pacotes privados) para compartilhar com os colaboradores ou uma organização. A repository can be connected to more than one package. To prevent confusion, make sure the README and description clearly provide information about each package.
If a new version of a package fixes a security vulnerability, you should publish a security advisory in your repository. GitHub reviews each published security advisory and may use it to send Alertas do Dependabot to affected repositories. For more information, see "About GitHub Security Advisories."
You can publish a package to GitHub Package Registry using any supported package client by following the same general guidelines.
- Create or use an existing access token with the appropriate scopes for the task you want to accomplish. For more information, see "About permissions for GitHub Package Registry."
- Authenticate to GitHub Package Registry using your access token and the instructions for your package client.
- Publish the package using the instructions for your package client.
For instructions specific to your package client, see "Working with a GitHub Packages registry."
After you publish a package, you can view the package on GitHub. For more information, see "Viewing packages."