package.json does not support explicitly specifying which registries to route package requests to for its dependencies and devDependencies.
It is possible that the project uses dependencies from the npm registry and one or more GitHub Packages.
By default, npm install loads the modules from the npm package registry, https://registry.npmjs.org/, because this is the default value of registry in the npm config (a line in .npmrc or npm config get registry):
If this value is changed to say, https://npm.pkg.github.com, npm install will try to load all project dependencies from GitHub Packages. It is possible, however, to override this value for a specific @SCOPE using the following syntax:
For instance, if the project has the following package.json:
then npm install will download react from the npm registry and @octo-org/octo-app from GitHub Packages.
This configuration allows one registry to host multiple scopes, but a scope can only point to a single registry.