Loading... Background job is running.
Changelog for Private Packagist Cloud
- Private Composer Packages
- Mirroring Composer Packages
- GitHub, Bitbucket and GitLab Integration
- Dependency License Review
Private Packagist Enterprise
You can find the changelog for Private Packagist Enterprise, our on-premise product, on https://packagist.com/docs/enterprise/changelog.
- You can now create authentication tokens with full update access including the automatic creation of mirrored packages, which are counted as regular users
- A new organization drop down in the top navigation makes it easier to switch between organization and to always see which team you're currently working with
- The packages page now also lists packages with a duplicate name showing a warning that they cannot be installed
- All packages which are replaced in the composer.json of any package you add, are now automatically mirrored to prevent problems with their automatic mirroring during composer update.
- Vendors can now disable their customers which will prevent them from installing assigned packages.
- The packages page has been rebuilt to offer various filters to find packages and displays more package information to quickly detect problems
- To avoid confusion with the Composer package type project, we renamed Private Packagist projects in the Agency Add-On to Subrepositories
- Initializing a Bitbucket git repository with a url like
https://bitbucket.org/acme/repositorywill now automatically transform the url into a valid git url e.g.
- Added install graphs for overall organization installs over time
- Packages marked as abandoned are now visible as such in the UI and show the suggested replacement
- Added a new team permission which lets team members create projects
- Added API endpoints to manage project packages
- Added API endpoints to manage mirrored third party repositories
- Added support for repositories which have a composer.json in any branch and/or tag but not the default branch
- All public repositories added via a synchronization are now available to all members in the organization
- The Magento Composer repository at repo.magento.com occasionally changes dist files after initial publication. We no longer send these checksums to clients, as is already the case in most other places like packagist.org.
- Added a billing history with the possibility to download previous invoices
- The user profile now also shows the username and id of all connected OAuth accounts, e.g. GitHub, GitLab, Bitbucket
- Synchronizations with Bitbucket now also recognize individual repository collaborators
- New organization members added via sync can now automatically be deactivated
- Added a new team permission which lets team members add packages and and add, edit and remove credentials and mirrored third party repositories
- When adding a new package one can now already select which teams have access to that package
- Improved the performance of package updates by caching versions without a composer.json
- Renamed the Owners/Admins Team option for authentication tokens to 'All packages'.
- The authentication tokens page now displays when the token was last used.
- Teams with edit access right can now also assign package permissions
- Updating a package url will now also update the source and dist information for all package versions.
- Added an option to override the default request timeout for mirrored Composer repositories
- Performance improvements to granting customers access to packages via API, editing credentials, renaming organizations, projects and customers and deleting packages
- The teams page now always lists the Owners and Admins team for everyone
- Added a search field when adding packages from synchronized repositories and when adding packages from the parent organization to a project
- Synchronizations now list runs during the previous 48 hours and what exactly changed on each run, e.g. new users or repositories
- The team member pages now display more information about each user, in particular the username they use on the service the team is synchronized with
- The API now accepts customer urlNames in addition to customer ids for all API calls requiring lookup of a customer
- The API uses the word "edit" for modifying objects instead of "update" which is usually reserved for reloading package data or the composer instruction
- The warning about being on a free trial now shows the exact date it ends
- Synchronizations can now be triggered by all members of an organization
- Synchronizations show which credential is used to make requests to the external service
- No longer displaying a warning about a missing hook for custom JSON packages which cannot be updated without editing the JSON
- Improved typography and spacing across all pages
- Billing access now works for Admins (non-Owners) who are also on the billing team
- Members of new teams found during synchronization are now added immediately, rather than only on the second synchronization run
- Synchronizations can now be configured on a per-project basis
- You can now grant teams access to view and/or manage vendor add-on customers
- Added settings page for vendor add-on customers and an option to deliver source URLs to customers via Composer
- When importing packages from JSON you can now select credentials to be applied
- You can now switch which of your synchronizations should be the primary one
- Added API endpoints to manage project authentication tokens
- Added support for the Composer search API
- Private Packagist for Agencies: Support for projects with a separate Composer repository, including options for mirrors, credentials and tokens to be defined for just one or a set of projects
- Packages mirrored from packagist.org are now updated automatically within a few seconds of changes on packagist.org rather than only twice a day
- Bitbucket Team hooks are now set up automatically to detect new packages when you create new repositories
- Added API endpoints to manage projects as part of Private Packagist for Agencies
- Added API endpoint to fetch all customers with access to a package as part of Private Packagist for Vendors
- Install statistics and count of accessible packages are now shown on the customers overview page
- Added list of versions to GET package API endpoint
- Managing access to packages for teams now sorts the dropdown of packages and lets you search through them
- Unauthenticated users trying to login are now redirected to their organization's custom login page if a custom integration is configured
- The list of customers is now sorted by name
- Changed body font color to black for more contrast
- Added composer instructions page on the customer detail page in the Private Packagist for Vendors addon
- Warn users if packages are configured to use credentials which do not work for the package's URL
- Improved the package update log output to better display authentication issues
- Package updates which fail because of external API limits are now retried once the limit resets
- Packages now show mirror information
- Synchronizations for existing organizations can now be set up with previously defined credentials
- Allow a user to disconnect from their last connected third party authentication provider
- Improved the speed of mirroring packages from packagist.org
- Authentication tokens assigned to synchronized teams won't be deleted anymore if the team gets removed by the synchronization they lose access to all packages but can be reassigned to a different team
- Improved the performance of package updates by caching version data
- Allow deactivating members who do not have a Private Packagist account yet on the organization members page
Login with github now to create an organization and start your free trial!