The PHP Foundation is Seeking a New Executive Director! 🐘💜

We're asking the PHP community to help find the right person for this role. If you know someone who would be an excellent fit, please encourage them to apply or reach out to us directly.

https://thephp.foundation/blog/2025/11/10/seeking-new-executive-director/ #php #phpc #opensource

After Composer 2.9 CLI security improvements, we're working on a transparency log for Packagist org to strengthen PHP supply chain security, funded by the Sovereign Tech Agency with help of the PHP Foundation and Private Packagist. #php #phpc #composerphp

More detail about what we're working on can be viewed on our blog at https://blog.packagist.com/strengthening-php-supply-chain-security-with-a-transparency-log-for-packagist-org/

After Composer 2.9 CLI security improvements, we're working on a transparency log for Packagist org to strengthen PHP supply chain security, funded by the Sovereign Tech Agency with help of the PHP Foundation and Private Packagist. #php #phpc #composerphp

More detail about what we're working on can be viewed on our blog at https://blog.packagist.com/strengthening-php-supply-chain-security-with-a-transparency-log-for-packagist-org/

The PHP Foundation is Seeking a New Executive Director! 🐘💜

We're asking the PHP community to help find the right person for this role. If you know someone who would be an excellent fit, please encourage them to apply or reach out to us directly.

https://thephp.foundation/blog/2025/11/10/seeking-new-executive-director/ #php #phpc #opensource

Good morning dear meatsacks that observe my internet words. I have entered Sky Tube 1 of 2 in preparation for the corporeal relocation to @longhorn . Thank you for your attention on this matter. #php #phpc #phpcommunity #longhornphp #longhornphp2025

Good morning dear meatsacks that observe my internet words. I have entered Sky Tube 1 of 2 in preparation for the corporeal relocation to @longhorn . Thank you for your attention on this matter. #php #phpc #phpcommunity #longhornphp #longhornphp2025

OH from #PHPC Discord: “nothing so certain as a good junior and so uncertain as a good senior - by the time you hit lead you wonder that civilisation hasn't collapsed (and by the time you hit Head of Software Engineering you kinda hope it does).” —TernaryOperator

Together with PyPI, Maven Central, crates.io and other major package registries we signed a statement on sustainable open source infrastructure.

3B+ installs/month and evolving #composerphp and packagist.org requires sharing the costs.

Our Blog: https://blog.packagist.com/a-call-for-sustainable-open-source-infrastructure/
Open Letter: https://openssf.org/blog/2025/09/23/open-infrastructure-is-not-free-a-joint-statement-on-sustainable-stewardship/

#phpc #php #supplychainsecurity #opensourcesustainability

🚨 PSA for #PHP package maintainers: DO NOT REPLACE tags! If you messed up a release simply do another. No matter how quickly you notice a mistake, automatic tools already pulled the original tag, triggered automatic updates. Users will never know you recreated the tag and use the broken state. #phpc #composerphp

🚨 Warning to PHP package maintainers: We did not email you to change your passwords & 2FA. Emails asking you to update your credentials are a phishing attempt. We had the phishing site & domain taken down. If you got the email and entered your credentials, please contact us. #phpc #composerphp

Together with PyPI, Maven Central, crates.io and other major package registries we signed a statement on sustainable open source infrastructure.

3B+ installs/month and evolving #composerphp and packagist.org requires sharing the costs.

Our Blog: https://blog.packagist.com/a-call-for-sustainable-open-source-infrastructure/
Open Letter: https://openssf.org/blog/2025/09/23/open-infrastructure-is-not-free-a-joint-statement-on-sustainable-stewardship/

#phpc #php #supplychainsecurity #opensourcesustainability

🚨 Warning to PHP package maintainers: We did not email you to change your passwords & 2FA. Emails asking you to update your credentials are a phishing attempt. We had the phishing site & domain taken down. If you got the email and entered your credentials, please contact us. #phpc #composerphp

🚨 PSA for #PHP package maintainers: DO NOT REPLACE tags! If you messed up a release simply do another. No matter how quickly you notice a mistake, automatic tools already pulled the original tag, triggered automatic updates. Users will never know you recreated the tag and use the broken state. #phpc #composerphp

The era of Composer v1 finally comes to an end, long live Composer v2! 👑 Today packagist.org support for v1 metadata has been shut down as announced last year. https://blog.packagist.com/packagist-org-shutdown-of-composer-1-x-support-postponed-to-september-1st-2025/ #composerphp #phpc #php

The era of Composer v1 finally comes to an end, long live Composer v2! 👑 Today packagist.org support for v1 metadata has been shut down as announced last year. https://blog.packagist.com/packagist-org-shutdown-of-composer-1-x-support-postponed-to-september-1st-2025/ #composerphp #phpc #php