From 460c673cc40435b3e5def2b3827f3ca0dcead1db Mon Sep 17 00:00:00 2001 From: Jordi Boggiano <j.boggiano@seld.be> Date: Tue, 14 Jan 2020 15:35:52 +0100 Subject: [PATCH 1/2] Use Authorization header instead of deprecated access_token query param, fixes #8454 --- src/Composer/Util/RemoteFilesystem.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Composer/Util/RemoteFilesystem.php b/src/Composer/Util/RemoteFilesystem.php index ed6d37241..478ef12c9 100644 --- a/src/Composer/Util/RemoteFilesystem.php +++ b/src/Composer/Util/RemoteFilesystem.php @@ -277,7 +277,7 @@ class RemoteFilesystem if (isset($options['github-token'])) { // only add the access_token if it is actually a github URL (in case we were redirected to S3) if (preg_match('{^https?://([a-z0-9-]+\.)*github\.com/}', $fileUrl)) { - $fileUrl .= (false === strpos($fileUrl, '?') ? '?' : '&') . 'access_token='.$options['github-token']; + $options['http']['header'][] = 'Authorization: token '.$options['github-token']; } unset($options['github-token']); } From ca0b23680483e61ee9d5e03ef10ad03c2e2a58fb Mon Sep 17 00:00:00 2001 From: Jordi Boggiano <j.boggiano@seld.be> Date: Tue, 4 Feb 2020 12:57:52 +0100 Subject: [PATCH 2/2] Update changelog --- CHANGELOG.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index b737db151..b788e7fbb 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,7 @@ +### [1.9.3] 2020-02-04 + + * Fixed GitHub deprecation of access_token query parameter, now using Authorization header + ### [1.9.2] 2020-01-14 * Fixed minor git driver bugs @@ -783,6 +787,7 @@ * Initial release +[1.9.3]: https://github.com/composer/composer/compare/1.9.2...1.9.3 [1.9.2]: https://github.com/composer/composer/compare/1.9.1...1.9.2 [1.9.1]: https://github.com/composer/composer/compare/1.9.0...1.9.1 [1.9.0]: https://github.com/composer/composer/compare/1.8.6...1.9.0