getcomposer.org
getcomposer.org copied to clipboard
Auth via Manual Inline Basic Http is Misleading
On: https://getcomposer.org/doc/articles/authentication-for-private-packages.md#manual-inline-http-basic
The suggestion to use username:password does not work when composer install is initially run via a non-interactive console.
Moving the credentials to the composer.json's config.http-basic.<domain>.{username,password} keys fixes the issue, but is non-obvious and should be called out as the preferred solution for those who wish to have credentials in their composer.json. If you have direction for the suggested fix in documentation, I can attempt to create a PR.
I'm not sure, I feel like it's a bug if this doesn't work, but I'd have to try and check why it's not working..
So I cannot repro this..
{
"repositories": [
{
"type": "composer",
"url": "https://MY_USER:[email protected]/test-repo/"
}
],
"require": {
"foo/bar": "*"
}
}
Running composer update -vvv --no-interaction I get this:
[...]
Using HTTP basic authentication with username "MY_USER"
Downloading https://MY_USER:***@repo.packagist.com/test-repo/packages.json
[200] https://MY_USER:***@repo.packagist.com/test-repo/packages.json
So it seems to work fine despite not being too advisable.