Fix description about ensuring workflow access to private package

I modified it because going to packages settings gives me access to private GitHub packages from other repositories.
2025-11-04 12:13:35 +00:00 · 2023-03-08 17:46:53 +09:00 · 2023-03-08 17:46:53 +09:00 · 1c0d806277
commit 1c0d806277
parent 7c29869aec
1 changed files with 5 additions and 2 deletions
--- a/docs/advanced-usage.md
+++ b/docs/advanced-usage.md
@ -401,11 +401,14 @@ steps:
    yarn config set npmScopes.my-org.npmAlwaysAuth true
    yarn config set npmScopes.my-org.npmAuthToken $NPM_AUTH_TOKEN
  env:
-    NPM_AUTH_TOKEN: ${{ secrets.YARN_TOKEN }}
+    NPM_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 - name: Install dependencies
  run: yarn install --immutable
 ```
-NOTE: As per https://github.com/actions/setup-node/issues/49 you cannot use `secrets.GITHUB_TOKEN` to access private GitHub Packages within the same organisation but in a different repository.
+
 To access private GitHub Packages within the same organization, go to "Manage Actions access" in Package settings and set the repositories you want to access.
 Please refer to the [Ensuring workflow access to your package - Configuring a package's access control and visibility](https://docs.github.com/en/packages/learn-github-packages/configuring-a-packages-access-control-and-visibility#ensuring-workflow-access-to-your-package) for more details.
 ### always-auth input
 The always-auth input sets `always-auth=true` in .npmrc file. With this option set [npm](https://docs.npmjs.com/cli/v6/using-npm/config#always-auth)/yarn sends the authentication credentials when making a request to the registries.