NPM and GitHub Package Registry
What’s NPM?
NPM stands for Node Package Manager, simply it’s a open source repository which is hosted in GitHub for NodeJS projects also it is a command-line utility for interacting with said repository that aids in package installation, version management, and dependency management. NodeJS libraries and applications are published on npm, and many more are added every day. These applications can be searched for on http://npmjs.org/. Once you have a package you want to install, it can be installed with a single command-line command.
What’s GitHub Package Registry?
GitHub Packages is a software package hosting service provided by GitHub that allows you to host your software packages such as npm, docker, gem, dotnet, mvn, gradle in privately or publicly and use packages as dependencies in your projects.
You can integrate GitHub Packages with GitHub APIs, GitHub Actions, and webhooks to create an end-to-end DevOps workflow that includes your code, CI, and deployment solutions.
Configuring npm for use with GitHub Packages
You can configure npm to publish packages to GitHub Packages and to use packages stored on GitHub Packages as dependencies in an NodeJS project.
Authenticating to GitHub Packages
You need an access token to publish, install, and delete packages in GitHub Packages. You can use a personal access token to authenticate with your username directly to GitHub Packages or the GitHub API. You can use a GITHUB_TOKEN to authenticate using a GitHub Actions workflow.
You must use a personal access token with the appropriate scopes to publish and install packages in GitHub Packages. For more information, see “About GitHub Packages.”
You must use a personal access token with the appropriate scopes to publish and install packages in GitHub Packages. For more information, see “About GitHub Packages.”
You can authenticate to GitHub Packages with npm by either editing your per-user ~/.npmrc file to include your personal access token or by logging in to npm on the command line using your username and personal access token.
To authenticate by adding your personal access token to your ~/.npmrc file, edit the ~/.npmrc file for your project to include the following line, replacing TOKEN with your personal access token. Create a new ~/.npmrc file if one doesn’t exist.
//npm.pkg.github.com/:_authToken=TOKENTo authenticate by logging in to npm, use the npm login command, replacing USERNAME with your GitHub username, TOKEN with your personal access token, and PUBLIC-EMAIL-ADDRESSwith your email address.
$ npm login --registry=https://npm.pkg.github.com
> Username: USERNAME
> Password: TOKEN
> Email: PUBLIC-EMAIL-ADDRESSAuth with the GitHub Token
If you are using a GitHub Actions workflow, you can use a GITHUB_TOKEN to publish and consume packages in GitHub Packages without needing to store and manage a personal access token. For more information, see "Authenticating with the GITHUB_TOKEN."
Publishing a Package
You can publish multiple packages to the same GitHub repository by including a URL field in the package.json file. For more information, see "Publishing multiple packages to the same repository."
Publishing a package using publishConfig in the package.json file
You can use publishConfig element in the package.json file to specify the registry where you want the package published. For more information, see "publishConfig" in the npm documentation.
- Edit the package.json file for your package and include a
publishConfigentry.
"publishConfig": {
"registry":"https://npm.pkg.github.com/"
},2. Verify the repository field in your project's package.json. The repository field must match the URL for your GitHub repository. For example, if your repository URL is github.com/my-org/test then the repository field should be git://github.com/my-org/test.git.
3. Publish the package
npm publish
