rcknr/composer-auth-dotenv

A composer install helper for private packages

Maintainers

Details

github.com/rcknr/composer-auth-dotenv

Source

Fund package maintenance!
rcknr

Installs: 2

Dependents: 0

Suggesters: 0

Security: 0

Stars: 1

Watchers: 1

Forks: 17

Type:composer-plugin

dev-main 2025-05-06 15:13 UTC

Requires

Requires (Dev)

MIT 616ec7477d238a9ac255d8cfaeb5a2c40dfa8b91

plugincomposerauthenvdotenv

This package is auto-updated.

Last update: 2025-05-07 07:44:00 UTC

README

Packagist version MIT license Build Status Coverage Status Packagist downloads

This Composer plugin lets you store credentials for private packages in a .env file, using the same format as the COMPOSER_AUTH environment variable. This approach avoids using auth.json, keeps credentials out of version control, and makes them easier to manage and encrypt alongside other environment-specific configuration. This repository is inspired by private-composer-installer.

Motivation

In Laravel ecosystem there are many commercially distributed packages that require authentication to be installed. The usual way to authenticate is to use the auth.json file, which is then ignored (or not) by version control. It is more practical, however, to be able to store credentials in a .env file, which is already used for other environment-specific configuration. The .env file can be encrypted and decrypted using the php artisan env:encrypt and php artisan env:decrypt commands. The encryption key can be shared with team members to securely grant access to all necessary project secrets. This might make it easier and safer to manage composer credentials in your development team.

Setup

  • Add the desired private package to the repositories section inside composer.json. Find more about Composer repositories in the Composer documentation.
  • Configure authentication using composer config. This will create an auth.json file. Different supported options are described in the Composer documentation
  • Convert auth.json content to COMPOSER_AUTH environment variable format and append it to your .env file:
echo -n "COMPOSER_AUTH=" >> .env && cat auth.json | tr -d '\n[:space:]' >> .env

Configuration

The configuration options listed below may be added to the extra section of composer.json like so:

{
  "name": "...",
  "description": "...",
  "require": {
  },
  "extra": {
    "composer-auth-dotenv": {
      "dotenv-path": ".",
      "dotenv-name": ".env"
    }
  }
}

dotenv-path

Dotenv file directory relative to the root path (where composer.json is located). By default, dotenv files are expected to be in the root folder.

dotenv-name

Dotenv file name. Defaults to .env.