Packages: Fine-grained permissions and organization-level publishing are now available for the GitHub Packages NuGet registry

The GitHub Packages NuGet registry now runs on a new architecture, unlocking great new capabilities:

Publishing packages at organization level with GitHub Packages

Previously, NuGet packages published to GitHub Packages were closely coupled to their repositories. Now packages can be published at an organization level. They can still be linked to a repository at any time, if needed.

Learn more about connecting a repository to a package.

Fine grained permissions for NuGet packages published to GitHub Packages

You can now configure Actions and Codespaces repository access on the package's settings page, or invite other users to access the package. Additionally, NuGet packages published to GitHub Packages can still be configured to automatically inherit all permissions from a linked repository.

Learn more about configuring a package's access control.

Internal visibility

In addition to public and private, a package's visibility can now also be set to internal. It is then visible for all members of the GitHub organization.


These new features are now available to all users on github.com.

Read more about working with the GitHub NuGet registry

We appreciate your feedback on these new changes in GitHub's public community discussions!

We've shipped improvements to the billing pages for GitHub Advanced Security so it is easier for you to see how many licenses you are using.

  • You can now see how enterprises and organizations are using licenses in the summary tiles.
  • You can download a CSV report for each item in the billing table so it is easier to report on license usage.
  • For enterprises, the table is sorted by the number of unique committers in each organization, so it is easy to see where GitHub Advanced Security licenses are used.
  • If an organization chooses to disable GitHub Advanced Security on a repository, the confirmation popup now informs you how this would impact your overall licenses usage.

Enterprise and Organisation GitHub Advanced Security usage

This is available on the GitHub Advanced Security section on the enterprise's billing settings page enterprise-name/settings/billing and the organization's code security and analysis settings page organization-name/settings/security_analysis.

This has shipped to GitHub.com and will be available in GitHub Enterprise Server 3.9. Learn more about the GitHub Advanced Security billing.

See more

GitHub Advanced Security customers using secret scanning can now view any new secrets exposed in an issue's title, description, or comments within the UI or the REST API. This expanded coverage will also detect and surface secrets matching any custom pattern defined at the repository, organization, or enterprise levels.

We have also expanded the secret scanning partner program. Secret scanning partners will now receive notifications for secrets found in public issues that match their token formats.

See more