Hello, I’m looking at the list of permissions that an App can be granted and I can’t see one which would allow my app to fetch packages from a repo. Is there a permission I can grant my app to fetch packages from repos/orgs it’s installed into?
Hello, @dgholz ! Welcome to the GitHub Community Forum––we’re glad to see you post this question here.
Permissions on “packages” is not currently available for all1 GitHub Apps (see
GitHub Apps Permissions for more details).
We’re always working to improve GitHub and the GitHub Support Community, and we consider every suggestion we receive. Would you mind submitting this through our official product feedback form so that our product team can track your request?
It may be worth noting that you can use either of these tokens to authenticate with GitHub Packages:
a personal access token with the
GITHUB_TOKENthat GitHub automatically creates for your repository when you enable GitHub Actions (see
About GitHub Packages with GitHub Actionsand
Permissions for the GITHUB_TOKENfor more details).
We hope this helps!
1 At this time of writing, the
GITHUB_TOKEN from GitHub Actions is an installation token associated with a GitHub App owned by GitHub and is the only GitHub App with access to packages.
Thanks, that’s helpful. I used an Action and its token to fetch packages from my org, but I see today that it’s failing to see private packages (published on other repos in our org). Last week it was working fine, was the scope of the token’s access to GitHub Packages changed recently?