info
Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
Bug#1008873: composer: Composer cannot parse GitHub OAuth token after the recent format change
547 views
Skip to first unread message
Daniel Fancsali
Apr 3, 2022, 6:30:03 AM4/3/22
to
Package: composer
Version: 2.0.9-2
Severity: important
Dear Maintainer,
Using composer with private repositiories means one needs to user OAuth
tokens; however the current version of Composer in debian is somewhat
older, and cannot parse the recently updated GitHub token format.
SO, if there are any tokens configured, every subcommand will fail with
below message:
> In BaseIO.php line 128:
>
> Your github oauth token for github.com contains invalid characters:
> "ghp_somehashthatiwontdisclose"
Most likely this will affect both stable and oldstable; for further info
see:
https://nono.ma/github-oauth-token-for-github-com-contains-invalid-characters-on-composer-install
-- System Information:
Distributor ID: Raspbian
Description: Raspbian GNU/Linux 11 (bullseye)
Release: 11
Codename: bullseye
Architecture: armv7l
Kernel: Linux 5.10.92-v7+ (SMP w/3 CPU threads)
Kernel taint flags: TAINT_CRAP
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages composer depends on:
ii jsonlint 1.8.3-2
ii php-cli 2:7.4+76
ii php-common 2:76
ii php-composer-ca-bundle 1.2.9-1
ii php-composer-semver 3.2.4-2
ii php-composer-spdx-licenses 1.5.5-2
ii php-composer-xdebug-handler 1.4.5-1
ii php-json-schema 5.2.10-2
ii php-psr-log 1.1.3-2
ii php-react-promise 2.7.0-2
ii php-symfony-console 4.4.19+dfsg-2+deb11u1
ii php-symfony-filesystem 4.4.19+dfsg-2+deb11u1
ii php-symfony-finder 4.4.19+dfsg-2+deb11u1
ii php-symfony-process 4.4.19+dfsg-2+deb11u1
ii php7.4-cli [php-cli] 7.4.28-1+deb11u1
Versions of packages composer recommends:
ii git 1:2.30.2-1
ii unzip 6.0-26
Versions of packages composer suggests:
pn fossil <none>
pn mercurial <none>
pn php-zip <none>
pn subversion <none>
-- no debconf information
Version: 2.0.9-2
Severity: important
Dear Maintainer,
Using composer with private repositiories means one needs to user OAuth
tokens; however the current version of Composer in debian is somewhat
older, and cannot parse the recently updated GitHub token format.
SO, if there are any tokens configured, every subcommand will fail with
below message:
> In BaseIO.php line 128:
>
> Your github oauth token for github.com contains invalid characters:
> "ghp_somehashthatiwontdisclose"
Most likely this will affect both stable and oldstable; for further info
see:
https://nono.ma/github-oauth-token-for-github-com-contains-invalid-characters-on-composer-install
-- System Information:
Distributor ID: Raspbian
Description: Raspbian GNU/Linux 11 (bullseye)
Release: 11
Codename: bullseye
Architecture: armv7l
Kernel: Linux 5.10.92-v7+ (SMP w/3 CPU threads)
Kernel taint flags: TAINT_CRAP
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages composer depends on:
ii jsonlint 1.8.3-2
ii php-cli 2:7.4+76
ii php-common 2:76
ii php-composer-ca-bundle 1.2.9-1
ii php-composer-semver 3.2.4-2
ii php-composer-spdx-licenses 1.5.5-2
ii php-composer-xdebug-handler 1.4.5-1
ii php-json-schema 5.2.10-2
ii php-psr-log 1.1.3-2
ii php-react-promise 2.7.0-2
ii php-symfony-console 4.4.19+dfsg-2+deb11u1
ii php-symfony-filesystem 4.4.19+dfsg-2+deb11u1
ii php-symfony-finder 4.4.19+dfsg-2+deb11u1
ii php-symfony-process 4.4.19+dfsg-2+deb11u1
ii php7.4-cli [php-cli] 7.4.28-1+deb11u1
Versions of packages composer recommends:
ii git 1:2.30.2-1
ii unzip 6.0-26
Versions of packages composer suggests:
pn fossil <none>
pn mercurial <none>
pn php-zip <none>
pn subversion <none>
-- no debconf information
Robin Gustafsson
Apr 3, 2022, 1:00:05 PM4/3/22
to
fixed 2.0.11-1
thanks
On Sun, Apr 3, 2022 at 12:27 PM Daniel Fancsali <fanc...@gmail.com> wrote:
> Package: composer
> Version: 2.0.9-2
> Severity: important
> [...]
Regards,
Robin
thanks
On Sun, Apr 3, 2022 at 12:27 PM Daniel Fancsali <fanc...@gmail.com> wrote:
> Package: composer
> Version: 2.0.9-2
> Severity: important
> Using composer with private repositiories means one needs to user OAuth
> tokens; however the current version of Composer in debian is somewhat
> older, and cannot parse the recently updated GitHub token format.
Duplicate of #989315.
> tokens; however the current version of Composer in debian is somewhat
> older, and cannot parse the recently updated GitHub token format.
Regards,
Robin
0 new messages