I have some packages that are not available on UPM registries but otherwise have a valid package.json manifest. To keep my project’s source tree slim, I’d like to put these packages on a private GitHub repository and put the URL for that in my manifest.json. Is that possible? How would I authenticate, with a private key?
1 Like
You need to embed a github key into your manifest.json. Works exactly like how npm handles it.
1 Like
Thank you!
Although I added the package to my manifest without that info and it just worked. Literally as if it were public. I think I previously configured my SSH private key or my GitHub credentials to allow this but then forgot about it, so I don’t know why this works. This is convenient, but I’d like to be able to reproduce this.
Why does this work? I’m using Windows 10.
Hi @JesseSTG_1 ,
Have you looked at this section of the manual? https://docs.unity3d.com/Manual/upm-git.html#Git-SSH
Encoding credentials in a URL works, but is unsecure. If you do that, you should avoid sharing the modified project with other people otherwise they’ll be able to access your Git repo with your full repo permissions. Using an SSH key-based authentication is better and is supported by the Unity Package Manager.
2 Likes
Nice timing, we literally responded at the same time!
2 Likes