Github package registry - Private package not found

I have a private repository and I was able to publish a private package successfully. But when I try to install the package, It gives a 404 error. I cannot download the package from the package landing page and the assets links to

I changed the visibility to public and the installation and assets’ link worked fine.


I’m having this exact same problem.


Thanks for creating a dedicated issue for this, @waqasibrahim (the previous issue wasn’t getting any attention since it’s marked fixed for an unrelated reason).

Here are the steps to reproduce:

  1. Create a new private repository. Per npm package naming requirements, make sure the repo owner and name (i.e. @repo-owner/repo-name) are both lowercase.
  2. Create a personal access token with the following scopes:
  • write:packages
  • read:packages
  • repo
  1. Authenticate against the GitHub NPM registry using your GitHub username and personal access token:

    $ npm login --scope @repo-owner --registry

  2. Use npm init to create a new npm package called @repo-owner/repo-name.

  3. Publish a new (and only) version of the NPM package with npm publish.

  4. Check that the package is visible with npm view:

    $ npm view @repo-owner/repo-name
    @repo-owner/repo-name@0.0.1 | ISC | deps: 0 | versions: 1

Now, try to install the package:

$ npm install -g @repo-owner/repo-name
npm ERR! code E404
npm ERR! 404 Not Found - GET

Check that though the GitHub UI is showing the new version, its tarball links to


I am also getting this.


Same isssue here, which is a shame as when github packages was released it looked like a perfect solution for consolidating a lot of disparate repository guff I’ve had to deal with.

I am having the same issue.

I can confirm that the problem has been fixed and might have been related to some “data transfer” billing issues at github. Support eventually cameback to me after 2 weeks and gave me the following response.


Thanks for your patience here, we believe there may have been some issues with rounding the data.

Can I ask you to:

Usage should be more accurately reflected, and you should be able to start using the package registry once more.



Is a personal access token still required?

Yes, it is. secrets.GITHUB_TOKEN does not work.

1 Like

We’ve also been getting charged for data transfer out when using personal access tokens to get a docker image hosted on the GitHub Package Registry from GitHub Actions. This is supposed to be free.

I am still experiencing this issue, but only when installing with yarn. Not when installing with npm. So strange!

Hello all,

I started also receiving today errors for installing packages (private) via circle ci…any ideas if there is anything wrong happenig? I feel like if it was a token problem I would not be getting a 404 but rather a permission denied…locally I can install the packages no problem…

Anyone else experiencing some issues recently on this?