Graph of users, searches and searches with no results, peaking at close to 1 million searches in a day on April 1st after hovering around 50 thousand until March 20th, where it first peaked to 600 thousand.
The @algolia.bsky.social search was restored quickly yesterday (thanks!) The bot traffic, that picked up after the JS library upgrade last week, is under control too now. So we hope we don't run into this again.
Search on Packagist is currently unavailable due to large amounts of bot traffic that @algolia.bsky.social did not filter out. They now blocked packagist. UI search and the search API are affected. We are looking into temp workarounds till Algolia resolves our support request from yesterday.
We need your help to test Composer 2.10. Expect a final release next week, now is the time to try it out and flag any issue you find! github.com/composer/com... #composerphp #phpc
Private Packagist is a member of the @opensourcepledge.com & gave over $4k/FTE in 2025 to #opensource maintainers. Have your company join too! blog.packagist.com/private-pack... - Reach out if you want to be a launch partner for our Composer&Packagist.org sponsorship program! #composerphp #php #phpc
Nils Adermann wearing a blue Private Packagist hoodie and yellow Private Packagist t-shirt on stage next to a lectern pointing at a slide, photographed across backs of audience heads.
Laracon EU audience facing the stage
Nils Adermann taking a selfie from the balcony above the Laracon EU crowd with Nuno Maduro on a large screen talking to the audience.
Sign with community sponsor logos at Laracon EU Amsterdam including Private Packagist
Loved the very engaged audience of a thousand people at #LaraconEU 2026 in Amsterdam today at my "Composer Deep Dive" talk! Proud to sponsor the event with Private Packagist /
@packagist.com - Find me and chat about package management or @thephpf.bsky.social! #laravel #laracon #php #composerphp
Just arrived in Amsterdam for #LaraconEU - my talk "Composer Deep Dive" is tomorrow afternoon at 2:30pm! Hope to talk to as many of you about #composerphp @packagist.com and @thephpf.bsky.social ! #laravel #php
π Private Packagist February update: Redesigned login flow, team member MFA resets for org owners, new Microsoft Teams Workflow notifications (old connectors deprecated), clickable composer search URLs in your terminal blog.packagist.com/whats-new-in... #composerphp #php #phpc
Proud to announce we just renewed our annual $18,000 sponsorship for the The PHP Foundation!
Check out this summary on the work completed in 2025. So much more could be accomplished, if all businesses using PHP contributed. Sign up as a sponsor and help moving PHP forward!
Nils Adermann in yellow Private Packagist t-shirt and blue hoodie presenting in front of a crowd at SymfonyCon Amsterdam 2025.
Nils Adermann presenting on 2FA enforcement in package manager ecosystems in front of a crowd at SymfonyCon Amsterdam 2025.
Nils Adermann presenting at SymfonyCon Amsterdam 2025 on stage, discussing the npm Shai-Hulud Worm security incident. The slide shows details of the November 2024 supply chain attack that compromised 700+ packages and exposed credentials from 26k+ repositories through GitHub Actions code injection.
Conference attendees gathered around the Private Packagist booth at SymfonyCon Amsterdam 2025 having discussions.
Back from our annual #SymfonyCon trip! Great experience celebrating 20 years of #Symfony with its community in Amsterdam. The @packagist.com booth was busy throughout the event, and my package manager security outlook talk sparked good conversations. See you in Warsaw 2026! #php #composerphp
π₯ Shoutout to our Gold Sponsor: @PrivatePackagist! π₯
Thanks for fueling innovation and supporting #SymfonyCon Amsterdam 2025! ππ
π You rock!
#PHP #Symfony #Sponsor
In Amsterdam next week and part of a group underrepresented at tech confs, or can't afford a ticket? Private Packagist is sponsoring #SymfonyCon (Nov 27th/28th) and we have a ticket to give away: Reply your favorite PHP8.5 feature to win #php #phpc #symfony @symfony.com
And now @packagist.com π₯
Thank you so much for sponsoring my work and placing trust in my humble contribution to the PHP ecosystem! π
New in Private Packagist: Usage Tracking can now help prioritize security updates by showing how deps cascade through projects and where vulnerable versions are used. Trusted Publishing for GitHub Actions and better synchronization setup. blog.packagist.com/whats-new-in... #php #phpc #composerphp
After Composer 2.9 CLI security improvements, we're working on a transparency log for Packagist to strengthen PHP supply chain security, funded by the @sovereign.tech with help of the @thephpf.bsky.social and Private Packagist. Details at blog.packagist.com/strengthenin... #php #phpc #composerphp
Composer 2.9 is here! π It automatically blocks packages with known vulnerabilities, has a new repository command to manage repos from the CLI, and lots more!
blog.packagist.com/composer-2-9/
#composerphp #phpc #PHP
The PHP Foundation is Seeking a New Executive Director! ππ
We're asking the PHP community to help find the right person for this role. If you know someone who would be an excellent fit, please encourage them to apply or reach out to us directly.
thephp.foundation/blog/2025/11... #phpc #php
Composer 2.9 is coming, and there's an RC to try out! We need your help and feedback github.com/composer/com... #composerphp #phpc
Bitbucket Cloud is retiring app passwords in favor of API tokens. If you're using Private Packagist with Bitbucket Cloud, migrate now to avoid future disruptions.
Our blog post explains it step-by-step: blog.packagist.com/bitbucket-de...
#php #composerphp #phpc #privatepackagist #bitbucket
Together with PyPI, Maven Central, cratesio and other major package registries we signed a statement on sustainable open source infrastructure.
3B+ installs/month and evolving #composerphp and packagist.org requires sharing the costs.
#phpc #php
π¨ Warning to #PHP package maintainers: We did not email you to change your passwords & 2FA. Emails asking you to update your credentials are a phishing attempt. We had the phishing site & domain taken down. If you got the email and entered your credentials, please contact us. #phpc
Thank you @packagist.com for supporting the #APIPlatformCon 2025!
π¨ PSA for #PHP package maintainers: DO NOT REPLACE tags! If you messed up a release simply do another. No matter how quickly you notice a mistake, automatic tools already pulled the original tag, triggered automatic updates. Users will never know you recreated the tag and use the broken state. #phpc
Nils Adermann behind a lectern on stage at API PlatformCon receiving a birthday cake while the audience claps. The slide on stage asks "Questions / Feedback?" and points to Private Packagist.
Had a great time presenting Composer Best Practices for 2025 at #APIPlatformCon in Lille this morning. Meet me at our booth, I'd love to hear all about how you work with #composerphp! #php #phpc #supplychainsecurity #symfony #apiplatform
We'll pick winners by the end of the week and look forward to seeing you at our booth in Lille!
Badge saying API Platform Conference 2025, Lille (France) & Online - Private Packagist is a wonderful Silver Sponsor and the Private Packagist elephant logo is shown on the right.
Would you like to attend #APIPlatformCon 2025 in Lille on Sep 18/19 or online? Private Packagist is sponsoring: 4 tickets to give away! Part of a group underrepresented at tech conferences, or can't afford a ticket? Repost and reply favorite PHP package(s) #php #composerphp #phpc
The era of Composer v1 finally comes to an end, long live Composer v2! π Today packagist.org support for v1 metadata has been shut down as announced last year. blog.packagist.com/packagist-or... #composerphp #phpc #php
August update: dependency usage tracking across your packages, automatic GitLab token rotation, and Conductor improvements with custom labels and smarter PR handling blog.packagist.com/whats-new-in... #php #composer #composerphp #phpc
Arrived in Denver for #Laracon - look forward to meeting everyone at our @packagist.com booth! Would love to talk to everyone about how you use Composer, handle updates and apply security patches, or anything else relating to dependency management! #laraconus #laravel #phpc