Loading... Background job is running.
Private Packagist Documentation
- Private Composer Packages
- Mirroring Composer Packages
- GitHub, Bitbucket and GitLab Integration
- Dependency License Review
- API Documentation
Private Packagist Enterprise
- On-Premises Installation Guide
- Troubleshooting Guide
- Integration Setup
Create an organization
Log into Private Packagist and create an organization. If you store your private code in GitHub, GitLab, or Bitbucket use the corresponding button to create an organization synchronized with your GitHub, GitLab or Bitbucket organization.
Set up credentials
If you did not create a syhcnronized organization or if you store additional private code elsewhere, go to Settings > Manage Credentials. Enter a description, e.g. "Bitbucket API Key" and then pick the correct authentication type depending on where your code is stored.
Alternatively you can copy the SSH public key for your organization on the same page and grant the key access to your repositories.
If your organization is synchronized Private Packagist will have created packages for all of your private repositories containing a composer.json. Otherwise or if you would like to add additional packages you can add them in the Packages section of your organization with the Add button. Follow the instructions to pick the right option for your package.
Configure your project to use Private Packagist
To access Private Packagist you need to set up composer authentication. Copy the authentication command for your user from your user auth page. Run the command to store your user token on your machine.
To grant an automated process like your continuous integration system access, create an access token for your organization under Settings > Authentication Tokens. Then either copy the command and add it to the steps to be executed before running composer commands, or use the instructions for defining an environment variable containing composer authentication settings.
Once you have set up authentication, add the Private Packagist repository to your composer.json and disable packagist.org. You can see how the repositories section should look on the organization Overview. If you have any other external repositories make sure to add them to Private Packagist and remove all of them from your composer.json
composer update mirrors in your project to make sure the lock file is updated to use Private Packagist mirror downloads.
That's it, from now on composer update and install will make use of your Private Packagist repository!