From 460c673cc40435b3e5def2b3827f3ca0dcead1db Mon Sep 17 00:00:00 2001
From: Jordi Boggiano <j.boggiano@seld.be>
Date: Tue, 14 Jan 2020 15:35:52 +0100
Subject: [PATCH 1/2] Use Authorization header instead of deprecated
 access_token query param, fixes #8454

---
 src/Composer/Util/RemoteFilesystem.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/Composer/Util/RemoteFilesystem.php b/src/Composer/Util/RemoteFilesystem.php
index ed6d37241..478ef12c9 100644
--- a/src/Composer/Util/RemoteFilesystem.php
+++ b/src/Composer/Util/RemoteFilesystem.php
@@ -277,7 +277,7 @@ class RemoteFilesystem
         if (isset($options['github-token'])) {
             // only add the access_token if it is actually a github URL (in case we were redirected to S3)
             if (preg_match('{^https?://([a-z0-9-]+\.)*github\.com/}', $fileUrl)) {
-                $fileUrl .= (false === strpos($fileUrl, '?') ? '?' : '&') . 'access_token='.$options['github-token'];
+                $options['http']['header'][] = 'Authorization: token '.$options['github-token'];
             }
             unset($options['github-token']);
         }

From ca0b23680483e61ee9d5e03ef10ad03c2e2a58fb Mon Sep 17 00:00:00 2001
From: Jordi Boggiano <j.boggiano@seld.be>
Date: Tue, 4 Feb 2020 12:57:52 +0100
Subject: [PATCH 2/2] Update changelog

---
 CHANGELOG.md | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index b737db151..b788e7fbb 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,7 @@
+### [1.9.3] 2020-02-04
+
+  * Fixed GitHub deprecation of access_token query parameter, now using Authorization header
+
 ### [1.9.2] 2020-01-14
 
   * Fixed minor git driver bugs
@@ -783,6 +787,7 @@
 
   * Initial release
 
+[1.9.3]: https://github.com/composer/composer/compare/1.9.2...1.9.3
 [1.9.2]: https://github.com/composer/composer/compare/1.9.1...1.9.2
 [1.9.1]: https://github.com/composer/composer/compare/1.9.0...1.9.1
 [1.9.0]: https://github.com/composer/composer/compare/1.8.6...1.9.0