home.social
Sign in Create account

#privatepackagist — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #privatepackagist, aggregated by home.social.

  1. michabbb @[email protected] ·

    ▪ Also patched in legacy Composer 1.10.28 (upgrade to 2.x still recommended)

    🚑 Immediate actions:
    1️⃣ Run composer.phar self-update NOW
    2️⃣ Can't update? Disable #GitHubActions workflows running Composer
    3️⃣ Review CI logs for leaked tokens
    4️⃣ Delete any log contents containing raw token values before they expire

    📦 #Packagist.org is unaffected — no GitHub App involved. #PrivatePackagist applied the fix and audited logs: no tokens were exposed. Self-hosted PP is also unaffected.

    #githubactions #packagist #privatepackagist
  2. michabbb @[email protected] ·

    ▪ Also patched in legacy Composer 1.10.28 (upgrade to 2.x still recommended)

    🚑 Immediate actions:
    1️⃣ Run composer.phar self-update NOW
    2️⃣ Can't update? Disable #GitHubActions workflows running Composer
    3️⃣ Review CI logs for leaked tokens
    4️⃣ Delete any log contents containing raw token values before they expire

    📦 #Packagist.org is unaffected — no GitHub App involved. #PrivatePackagist applied the fix and audited logs: no tokens were exposed. Self-hosted PP is also unaffected.

    #githubactions #packagist #privatepackagist
  3. michabbb @[email protected] ·

    ▪ Also patched in legacy Composer 1.10.28 (upgrade to 2.x still recommended)

    🚑 Immediate actions:
    1️⃣ Run composer.phar self-update NOW
    2️⃣ Can't update? Disable #GitHubActions workflows running Composer
    3️⃣ Review CI logs for leaked tokens
    4️⃣ Delete any log contents containing raw token values before they expire

    📦 #Packagist.org is unaffected — no GitHub App involved. #PrivatePackagist applied the fix and audited logs: no tokens were exposed. Self-hosted PP is also unaffected.

    #githubactions #packagist #privatepackagist
  4. michabbb @[email protected] ·

    ▪ Also patched in legacy Composer 1.10.28 (upgrade to 2.x still recommended)

    🚑 Immediate actions:
    1️⃣ Run composer.phar self-update NOW
    2️⃣ Can't update? Disable #GitHubActions workflows running Composer
    3️⃣ Review CI logs for leaked tokens
    4️⃣ Delete any log contents containing raw token values before they expire

    📦 #Packagist.org is unaffected — no GitHub App involved. #PrivatePackagist applied the fix and audited logs: no tokens were exposed. Self-hosted PP is also unaffected.

    #privatepackagist #packagist #githubactions
  5. michabbb @[email protected] ·

    ▪ Also patched in legacy Composer 1.10.28 (upgrade to 2.x still recommended)

    🚑 Immediate actions:
    1️⃣ Run composer.phar self-update NOW
    2️⃣ Can't update? Disable #GitHubActions workflows running Composer
    3️⃣ Review CI logs for leaked tokens
    4️⃣ Delete any log contents containing raw token values before they expire

    📦 #Packagist.org is unaffected — no GitHub App involved. #PrivatePackagist applied the fix and audited logs: no tokens were exposed. Self-hosted PP is also unaffected.

    #githubactions #packagist #privatepackagist
  6. packagist @[email protected] ·

    Bitbucket Cloud is retiring app passwords in favor of API tokens. If you're using Private Packagist with Bitbucket Cloud, migrate now to avoid future disruptions.

    This blog post explains it step-by-step: blog.packagist.com/bitbucket-d

    #php #composerphp #phpc #privatepackagist #bitbucket

    #php #composerphp #phpc #privatepackagist #bitbucket