Fix description about ensuring workflow access to private package (#704)

actions · Jun 15, 2023 · 698d505 · 698d505
1 parent 869f4dd
commit 698d505
Showing 1 changed file with 5 additions and 2 deletions.
diff --git a/docs/advanced-usage.md b/docs/advanced-usage.md
@@ -401,11 +401,14 @@ steps:
     yarn config set npmScopes.my-org.npmAlwaysAuth true
     yarn config set npmScopes.my-org.npmAuthToken $NPM_AUTH_TOKEN
   env:
-    NPM_AUTH_TOKEN: ${{ secrets.YARN_TOKEN }}
+    NPM_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 - name: Install dependencies
   run: yarn install --immutable
 ```
-NOTE: As per https://github.com/actions/setup-node/issues/49 you cannot use `secrets.GITHUB_TOKEN` to access private GitHub Packages within the same organisation but in a different repository.
+
+To access private GitHub Packages within the same organization, go to "Manage Actions access" in Package settings and set the repositories you want to access.
+
+Please refer to the [Ensuring workflow access to your package - Configuring a package's access control and visibility](https://docs.github.com/en/packages/learn-github-packages/configuring-a-packages-access-control-and-visibility#ensuring-workflow-access-to-your-package) for more details.
 
 ### always-auth input
 The always-auth input sets `always-auth=true` in .npmrc file. With this option set [npm](https://docs.npmjs.com/cli/v6/using-npm/config#always-auth)/yarn sends the authentication credentials when making a request to the registries.