GitHub Packages is a package management service that makes it easy to publish public or private packages alongside your source code.

GitHub Packages is a package registry

GitHub Packages allows you to share your project’s dependencies within your organization or publicly.

When working on a project with package dependencies, it’s essential to trust them, understand their code, and connect with the community that created them. Within an organization, it’s also important to quickly identify what has been approved for your use.

GitHub Packages uses the same familiar GitHub interface to search for public packages across GitHub or private packages within your organization or repositories.

A standard package manager

GitHub Packages is compatible with common package management clients, allowing you to publish packages using the tools of your choice. If your repository is more complex, you can publish multiple packages of different types. You can also use webhooks or GitHub Actions to fully customize your publishing and post-publishing workflows.

Are you publishing an open-source package? Many open-source projects host their code on GitHub, enabling you to publish pre-release versions of your packages for testing within your community and then easily promote certain versions to the public registry of your choice.

GitHub Packages Compatibility with Package Managers

At the time of writing, GitHub Packages is compatible with the following package managers:

• npm, the package manager for NodeJS
• NuGet, the package manager for .NET
• RubyGems, the package manager for Ruby
• Maven and Gradle, two package managers for Java

GitHub Packages is also a container registry

From full applications to command-line utilities (CLI), containers are another way to distribute code. GitHub Packages allows you to publish and distribute container images. Once published (publicly or privately), these images can be used from anywhere, including:

• In your local development environment
• As a base image in your GitHub Codespaces development environment
• As a step to run in your CI/CD workflow (Continuous Integration / Continuous Delivery) with GitHub Actions
• On a server or a cloud service

Compare GitHub Packages to GitHub Releases

GitHub Packages is used to publish versions of your libraries in a standard package feed or a container registry. It is designed to leverage the specific behavior of the package manager being used, such as linking to the repository where the package was created and the version of the code used.

GitHub Releases, on the other hand, is used to publish a set of packaged software along with release notes and links to binary files. You can download these releases directly via a unique URL and link them to the specific commit from which they were created. Downloads are only available as tarball or ZIP archives.

Unified Identity and Permissions

Imagine you are working on a project hosted on GitHub: JavaScript for the front end with npm, and Java for the back end. You would need to manage at least three different sets of credentials and permissions: for Git, npm, and Maven repositories.

With GitHub Packages, you can use a single set of credentials for your source code repository, your private npm registry, and your private Maven or Gradle registry. Packages published via GitHub inherit the visibility and permissions defined at the repository level. A new team member needs read access to the package and its code? Simply give them read access to the repository, and you’re done!

Build and Publish Packages from GitHub

GitHub Actions is another GitHub feature that allows you to automate your software workflows. You can build, test, and deploy your code directly from GitHub.

By combining GitHub Actions and GitHub Packages, you can create a workflow that builds and tests your code, then publishes it to GitHub Packages simply by pushing code to your repository.

In the next unit, we will learn how to use this workflow to publish to GitHub Packages and the GitHub Container Registry.