docs-bot
@@ -142,6 +142,7 @@ If you publish a package that is linked to a repository, {% data variables.produ
|
||||
**Notes:**
|
||||
- Syncing your package with a repository {% data variables.package_registry.package-settings-actions-access-menu %} is different than connecting your package to a repository. For more information about linking a repository to your package, see "[AUTOTITLE](/packages/learn-github-packages/connecting-a-repository-to-a-package)."
|
||||
- You can choose to limit permissions to workflow jobs usings the `permissions` key and `packages` scope. For more information, see "[AUTOTITLE](/actions/using-jobs/assigning-permissions-to-jobs)."
|
||||
- {% data reusables.package_registry.public-forks-private-packages %}
|
||||
|
||||
{% endnote %}
|
||||
|
||||
|
||||
@@ -72,7 +72,7 @@ These are more examples of how default permissions work for workflows that manag
|
||||
|
||||
| {% data variables.product.prodname_actions %} workflow task | Default permissions and access |
|
||||
|----|----|
|
||||
| Download an existing | - If the package is public, any workflow running in any repository can download the package. <br> - If the package is internal, then all workflows running in any repository owned by the Enterprise account can download the package. For enterprise-owned organizations, you can read any repository in the enterprise <br> - If the package is private, only workflows running in repositories that are given read permission on that package can download the package. <br>
|
||||
| Download an existing | - If the package is public, any workflow running in any repository can download the package. <br> - If the package is internal, then all workflows running in any repository owned by the Enterprise account can download the package. For enterprise-owned organizations, you can read any repository in the enterprise <br> - If the package is private, only workflows running in repositories that are given read permission on that package can download the package. {% data reusables.package_registry.public-forks-private-packages %} <br>
|
||||
| Upload a new version to an existing package | - If the package is private, internal, or public, only workflows running in repositories that are given write permission on that package can upload new versions to the package.
|
||||
| Delete a package or versions of a package | - If the package is private, internal, or public, only workflows running in repositories that are given admin permission can delete existing versions of the package.
|
||||
|
||||
|
||||
@@ -0,0 +1 @@
|
||||
If you grant a public repository access to private packages, forks of the repository may be able to access the private packages.
|
||||
Reference in New Issue
Block a user