Packages: npm - granular permissions and easy organization sharing

[github-product-roadmap]

Summary This enhances GitHub Packages support for npm by allowing granular permissions for individual packages and easier sharing within the organization.

Intended Outcome With the introduction of GitHub Container Registry, users are able to store and share container images close to their source code on GitHub, including advanced capabilities such as fine-grained access control and easy sharing of packages across the organization. The same functionality will now been leveraged for the npm registry!

npm packages can be published to the Package Registry (npm.pkg.github.com), and retrieved whenever they need to be used as a dependency in a project. Going forward, users are enabled to

• publish packages on organization level, in addition to repository level
• have fine-grained access control over their npm packages, decoupled from the repository permissions
• have internal visibility settings for npm packages, in addition to private and public
• give permissions to packages independently for Actions and Codespaces
• increase performance and maintain more package versions than earlier

How will it work? Packages are published to the organization and permissions and visibility are managed on the package itself.