Skip to content

Deprecation Notice: GraphQL for Packages

GitHub Packages is being re-platformed, unlocking great capabilities such as fine-grained permissions, org-level publishing and increased performance.

Package registries on the new GitHub Packages architecture, including container registry and npm packages, no longer expose data through the GraphQL API. We recommend using the REST API instead.

In the coming months we will be migrating our other GitHub Package registries to this new architecture deprecating the GraphQL API for those registries as well.

If you have any questions, please contact GitHub Support.

GitHub secret scanning protects users by searching repositories for known types of secrets. By identifying and flagging these secrets, our scans help prevent data leaks and fraud.

We have partnered with ReadMe to scan for their API keys and help secure our mutual users on public and private repositories. ReadMe’s API keys allow users to sync OpenAPI and Markdown files to their developer hubs using the rdme GitHub Action, as well as perform other programmatic updates using the ReadMe API. We’ll forward exposed API keys found in public repositories to ReadMe, who will immediately revoke the token and notify the project administrators via email. More information about ReadMe’s API keys can be found here.

GitHub Advanced Security customers can also scan for ReadMe tokens and block them from entering their private and public repositories with push protection.

See more