The previous discussion was marked as solved, but I don’t think authentifcation is required when pulling from a public registry.
This kind of reminds me the infamous docker ce download issue, https://github.com/docker/docker.github.io/issues/6910 (Download Docker CE without logging in)
In a process, you currently need to login the GitHub Packages at least once before publishing/downloading/deleting a package from the GitHub Packages.
Even if packages are public, you still need to login the GitHub Packages at first.
If your projects really need the feature that public packages no need authenticating, I recommend you directly report a feature request here. That will allow you to directly interact with the appropriate engineering team, and make it more convenient for the engineering team to collect and categorize your suggestions.