Similar to the npm registry, RubyGems, and Docker Hub, GitHub also introduced its own package management service called GitHub Package Registry in May this year. After gathering community feedback, the team yesterday announced that the service now has proxy support for the primary npm registry. Also, the feature that created a release whenever you published a package is now removed.
GitHub Package Registry and its features
GitHub Package Registry allows you to host packages publicly or privately and code in one place. It provides you an end-to-end DevOps workflow consisting of your code, Continuous Integration (CI), and deployment solutions by integrating with GitHub APIs, GitHub Actions, and Webhooks.
There are a number of features that GitHub Package Registry comes with. It inherits the permissions and visibility associated with the repository. This unified permissions management relieves organizations from maintaining a separate package registry and mirror permissions across systems.
GitHub Package Registry gives you an insight into packages by providing data such as download statistics, version history, and more. It also supports multi-format packages so you can host multiple software package types in one registry.
Proxy support for the primary npm registry
With the npm.js proxy support, developers will be able to set the GitHub Package Registry as the source of their organization’s npm packages and the proxied source of packages from npm. To use this feature you just need to change OWNER to your GitHub organization or username in your project’s ‘.npmrc’ file. This will instruct npm to redirect all package requests to GitHub Package Registry, which will then serve any requests for a package in your account.
In the future, the team plans to expand this feature to support other npm sources as well and add proxy support for other package types including Maven, NuGet, and Ruby. In order to prevent outages, they also plan to build a permanent cache on top of the proxy service.
Another update is that the feature that automatically created releases when you published a package, is now removed. Explaining the reason, the team wrote in the announcement, “Many customers expressed that automatically creating a release for every package published was unexpected and undesirable and that it led to conflicts for repositories that were managing their releases closely already. As of today, publishing a package will no longer create an accompanying release.”
The service is currently available in a limited public beta. GitHub is planning to make the service generally available via GitHub Universe later this year. Till then, it seeks for your feedback through the GitHub Package Registry survey.
You can read the official announcement to know more in detail.