Amasty recently announced that starting January 1, 2026, they will be discontinuing global Composer access keys generated in the "Products" tab of customer accounts. Instead, they're moving to project-specific access keys that provide better security and cleaner dependency management by tying Composer access directly to individual projects rather than account-wide| Private Packagist
While we’re also putting the final touches on Conductor, our team has shipped regular updates and improvements to Private Packagist. We’ll share some significant changes we've made to Private Packagist over the past few months. Support for PIE We've introduced support for| Private Packagist
As of today, when you update your dependencies in a pull request, Private Packagist comments with all composer.lock changes displayed in a clear and easy to scan table. This feature is immediately available to all our customers at no additional cost. We love it! With the Private Packagist Update| Private Packagist
Did you know that October is Cyber Security Awareness month, and that this year already marks its 21st anniversary? This collaborative effort between government and industry aims to raise awareness of online risks and to share important safety tips. These campaigns focus on basic best practices, such as protecting your| Private Packagist
We're joining the Open Source Pledge because our business is built on and with open-source software. We will spend at least $2,000 per full-time developer on open-source projects and maintainers. Sentry launched this initiative after a $500,000 distribution across their open-source dependencies, and others followed. Sustainability| Private Packagist
Please immediately update Composer to version 2.3.5, 2.2.12, or 1.10.26 (composer.phar self-update). The new releases include fixes for a command injection security vulnerability (CVE-2022-24828) reported by Thomas Chauchefoin from SonarSource. Fixes for Packagist.org and Private Packagist were deployed within 24 hours of| Private Packagist