Packages: Container registry now supports GITHUB_TOKEN

You can now use GITHUB_TOKEN to authenticate with the Packages Container registry in your Actions workflows. Say goodbye to all those PATs (delete them from your profile too!), and say hello to using the GITHUB_TOKEN in your workflows to read, create, update, and delete containers.

      - name: Login to Packages Container registry
        uses: docker/login-action@v1 
        with:
          registry: ${{ env.REGISTRY }}
          username: ${{ github.actor }}
-          password: ${{ secrets.PAT }}
+          password: ${{ secrets.GITHUB_TOKEN }}

Write and read access of Actions to containers can be managed in the container settings.

manage actions access animation

Learn more about authenticating to Container registry with GitHub Actions

For questions, visit the GitHub Packages community

To see what's next for Packages, visit our public roadmap

The GitHub Packages Container registry can now create and use containers set with Internal visibility. Internal visibility allows all members of an organization and all organizations within an enterprise read access to the container to more easily share data with your teammates.

This feature is generally available today on GitHub Enterprise Cloud. Navigate to your organization's Packages settings and click the option for Internal visibility to enable.

image

Learn more about configuring visibility for container images

For questions, visit the GitHub Packages community

To see what's next for Packages, visit our public roadmap

See more

Security researchers provide a critical service to developers by identifying vulnerable software, but unfortunately, many developers don't know the people behind this work.

GitHub Security Advisories allow developers to provide researchers with credit on their reported vulnerabilities, and these already make their way into the Advisory Database. This change adds Advisory credits into the researcher's GitHub profile, and to profile hovercards when viewed in the context of a security advisory.

Learn more about GitHub's Advisory Database

Learn more about disclosing vulnerabilities with Security Advisories

See more