Post · bonfire.cafe

After Composer 2.9 CLI security improvements, we're working on a transparency log for Packagist org to strengthen PHP supply chain security, funded by the Sovereign Tech Agency with help of the PHP Foundation and Private Packagist. #php #phpc #composerphp

More detail about what we're working on can be viewed on our blog at https://blog.packagist.com/strengthening-php-supply-chain-security-with-a-transparency-log-for-packagist-org/

Private Packagist

Strengthening PHP Supply Chain Security with a Transparency Log for Packagist.org

The release of Composer 2.9 this week introduced new security features on the Composer CLI client, which were funded by Private Packagist through service subscriptions. But in parallel, we are working on security on the main PHP package repository at Packagist.org with additional funding from the Sovereign Tech

bonfire.cafe

A space for Bonfire maintainers and contributors to communicate

bonfire.cafe: About · Code of conduct · Privacy · Users · Instances

Bonfire social · 1.0.0 no JS en

Automatic federation enabled