NPM public packages can't be accessed without a token #33875
Replies: 4 comments
-
I want to chime in as I am experiencing the same issue. We are publishing our component library as an NPM package in the GitHub registry. Having to configure the PAT hinder developer experience, specially when your package does not need to be private or requires authentication to be consumed. I would be curious to know as well if this access gate is by design and is never going to change. So that we can take the decision to create an organisation in NPM and publish our package there. Thanks so much! |
Beta Was this translation helpful? Give feedback.
-
We just ran into the same issue - some of our our npm's are only containing glue code (which is quite common when you develop for WebAssembly and all the IP is in the wasm binary). It would be very useful to access these npm's without token. |
Beta Was this translation helpful? Give feedback.
-
In reality it is way trickier:
This is quite unfortunate, I think GitHub really needs to fix it. Hopefully I will eventually write an in-depth blog post about this. |
Beta Was this translation helpful? Give feedback.
-
Not being able to install public npm packages from the Github registry without creating a personal access token makes it entirely unusable for a lot of normal use-cases... I wish they would fix this bug. |
Beta Was this translation helpful? Give feedback.
-
Container images can apparently be made public, and accessed anonymously:
https://docs.github.com/en/packages/learn-github-packages/configuring-a-packages-access-control-and-visibility
However a NPM package cannon:
https://docs.github.com/en/packages/working-with-a-github-packages-registry/working-with-the-npm-registry#authenticating-to-github-packages
This is quite confusing and counter intuitive. Why can't public NPM packages be accessed without authentication? Is this a problem of conflicting docs? I've spent a considerable amount of time trying to install a package from the NPM Github registry on a public package, but constantly got an error about missing auth token.
Am I doing something wrong, or is this by design?
Beta Was this translation helpful? Give feedback.
All reactions