This doesn’t make any sense to me. After banging my head for a few hours attempting to set up a build for a private .NET Core repo that depends on a NuGet package from a sibling repo (under same org), I discovered the problem (as the docs confirmed) is that GITHUB_TOKEN doesn’t allow access to sibling repo packages when using GPR. That’s a huge miss it seems to me: almost every private org is going to have interdependencies between packages. The only solution I’ve found is to generate a PAT for my own user and use that, but that’s an obviously bad practice to have user-specific credentials in a shared build.
Am I missing something? Anyone else hit this issue too and have advice? We’ve evaluating replacing our Nexus instance with GitHub Packages, but issues like this are making it a hard sell. If there’s a feature request I could vote on/follow for this, please let me know!