Hello I have a question about NPM packages in Github.
We want to share our certain private NPM packages only with people who are paid customers. There can be hundreds of these customers. What’s the best way to do that?
Looks like this is related to Add outside collaborators to a team without giving them acess to other repos in an organization?
I’ve read the docs but they seem not to describe this workflow in detail. If I understood it correctly this is how it should be done:
- We publish private “paid” NPM packages in a private repo in our organization.
- We add customers 1 by 1 into our organization (which is 4$ each monthly) and limit their access to only the private repos which contain those private npm packages we want to share with them
- Customers create their own access tokens in Github and add them to .npmrc file.
- Customers edit .npmrc file in their repo to list our organization as well
Is that correct? This seems quite complicated and too pricey because of step #2. Is there a better way? Thanks!