Documentation Index
Fetch the complete documentation index at: https://mintlify.com/Nettalco/nettalco-theme/llms.txt
Use this file to discover all available pages before exploring further.
@nettalco/nettalco-theme is hosted on GitHub Packages — not the public npm registry at registry.npmjs.org. This means every environment that needs to install or publish the package must authenticate with a valid GitHub token, regardless of whether that environment is a developer’s local machine, a CI pipeline, or a Docker build. This page covers all authentication scenarios, from local .npmrc setup to GitHub Actions integration.
Why GitHub Packages Requires Authentication
GitHub Packages enforces authentication even for packages in public repositories. Unlikeregistry.npmjs.org, there is no anonymous read access. Every npm install, npm ci, and npm publish targeting npm.pkg.github.com must present a token.
.npmrc Configuration
The.npmrc file is the standard mechanism for scoping a registry and providing credentials. It must be placed in the root of the consuming project — not inside node_modules, not in your home directory, and not in the library’s source tree.
.npmrc.example
The library ships a reference file at.npmrc.example showing both the recommended and discouraged forms:
.npmrc
.npmrc do the following:
| Line | Purpose |
|---|---|
@nettalco:registry=https://npm.pkg.github.com | Tells npm to route all @nettalco/* package requests to GitHub Packages instead of the public npm registry. |
//npm.pkg.github.com/:_authToken=${GITHUB_TOKEN} | Provides the auth token for that registry host, reading from the GITHUB_TOKEN environment variable. |
Option 1: Environment Variable (Recommended)
Set theGITHUB_TOKEN environment variable in your shell before running any npm commands:
.bashrc, .zshrc, etc.) or your system environment variables.
Option 2: Hardcoded Token (Not Recommended)
You can write the token directly into.npmrc — but only if the file is excluded from version control:
.npmrc (NOT for git repos)
.npmrc to your .gitignore:
.gitignore
This approach is acceptable for local development on a personal machine, but is never safe for shared repositories, Docker images pushed to a registry, or any artifact that might be stored or transmitted.
Creating a GitHub Personal Access Token
You’ll need a GitHub PAT with the correct scopes depending on your use case:| Use Case | Required Scope |
|---|---|
| Install the package | read:packages |
| Publish a new version | write:packages |
Go to GitHub → Settings → Developer Settings → Personal access tokens → Tokens (classic) (or use Fine-grained tokens if your organization supports them).
Click Generate new token (classic). Give it a descriptive name like
nettalco-theme-install or nettalco-theme-publish.read:packageswrite:packages (which implies read:packages)Copy the generated token immediately — GitHub only shows it once. Store it in a password manager or your system’s credential store.
CI/CD Integration
GitHub Actions
GitHub Actions automatically provides aGITHUB_TOKEN secret for every repository. You do not need to create a personal access token for workflows that only install or publish within the same organization:
.github/workflows/install.yml
The
registry-url and scope parameters on actions/setup-node automatically configure your .npmrc for the workflow run. The GITHUB_TOKEN env variable is then picked up by that configuration.Publishing from GitHub Actions
For publishing a new version, the sameGITHUB_TOKEN is used — but the workflow must be triggered appropriately (e.g., on tag push or manual dispatch):
.github/workflows/publish.yml
Other CI Environments (Azure Pipelines, CircleCI, etc.)
For non-GitHub CI systems, store your PAT (write:packages scope) as a secret in your CI provider’s vault and inject it as an environment variable:
Azure Pipelines (excerpt)
Troubleshooting
npm ERR! 401 Unauthorized
npm ERR! 401 Unauthorized
npm ERR! 404 Not Found
npm ERR! 404 Not Found
The package scope routing may be missing. Ensure this line appears in your Without it, npm looks for
.npmrc:@nettalco/nettalco-theme on registry.npmjs.org where it doesn’t exist.Token works locally but fails in CI
Token works locally but fails in CI
CI environments don’t inherit your local shell environment. Ensure the token is stored as a CI secret and explicitly passed via
env: on the npm step. Never hardcode tokens in workflow YAML files.