Changelog NotificationsAPIAikido login

Composer - Private packages

For Aikido to update dependencies that include private packages, it needs access to your private registries so it can generate accurate lockfile updates. A Composer registry can be set up by providing an auth.json file.

Prerequisites

Prepare auth.json

For private Composer packages, Aikido uses a auth.json file to authenticate with the private registry. This file will overwrite the auth.json in the root of the repository before the AutoFix starts but will not be added as part of the Pull Request. It is possible to configure multiple private registries in this file.

Example auth.json for accessing private packages on GitHub's Composer registry:

{
    "github-oauth": {
        "github.com": "your-github-token"
    }
}

Configuration in Aikido

Once write access to the repos is set up, you can configure Aikido to authenticate with your private Composer registry by following the steps below:

  1. Go to your account's settings page for the Autofix in Aikido, here.

  2. Click on "Connect Registry", the modal below will now be shown

  1. Select "Composer" as package manager

  1. Fill in your auth.json with authentication information. Aikido securely encrypts your configuration file until just before they are used.

  2. Click "Apply Changes" to save the configuration

Last updated

Was this helpful?