Proud to announce we just renewed our annual $18,000 sponsorship for the The PHP Foundation! Check out this summary on the work completed in 2025. So much more could be accomplished, if all businesses using PHP contributed. Sign up as a sponsor and help moving PHP forward!

Back from our annual #SymfonyCon trip! Great experience celebrating 20 years of #Symfony with its community in Amsterdam. The @packagist.com booth was busy throughout the event, and my package manager security outlook talk sparked good conversations. See you in Warsaw 2026! #php #composerphp

New in Private Packagist: Usage Tracking can now help prioritize security updates by showing how deps cascade through projects and where vulnerable versions are used. Trusted Publishing for GitHub Actions and better synchronization setup. blog.packagist.com/whats-new-in... #php #phpc #composerphp

After Composer 2.9 CLI security improvements, we're working on a transparency log for Packagist to strengthen PHP supply chain security, funded by the @sovereign.tech with help of the @thephpf.bsky.social and Private Packagist. Details at blog.packagist.com/strengthenin... #php #phpc #composerphp

Composer 2.9 is here! 🚀 It automatically blocks packages with known vulnerabilities, has a new repository command to manage repos from the CLI, and lots more! blog.packagist.com/composer-2-9/ #composerphp #phpc #PHP

Composer 2.9 is coming, and there's an RC to try out! We need your help and feedback github.com/composer/com... #composerphp #phpc

🚨 Warning to #PHP package maintainers: We did not email you to change your passwords & 2FA. Emails asking you to update your credentials are a phishing attempt. We had the phishing site & domain taken down. If you got the email and entered your credentials, please contact us. #phpc

Together with PyPI, Maven Central, cratesio and other major package registries we signed a statement on sustainable open source infrastructure. 3B+ installs/month and evolving #composerphp and packagist.org requires sharing the costs. #phpc #php

The era of Composer v1 finally comes to an end, long live Composer v2! 👑 Today packagist.org support for v1 metadata has been shut down as announced last year. blog.packagist.com/packagist-or... #composerphp #phpc #php

August update: dependency usage tracking across your packages, automatic GitLab token rotation, and Conductor improvements with custom labels and smarter PR handling blog.packagist.com/whats-new-in... #php #composer #composerphp #phpc

🚨 Packagist.org shutdown of Composer 1.x support postponed to September 1st, 2025. Act now, upgrade to Composer 2! Last resort: check out Private Packagist extended 1.x support if you really cannot migrate right now. blog.packagist.com/packagist-or...

I will be at WordCamp Europe today talking about Composer and dependency management. Find me if you want to chat about @packagist.com!

Let's add modern compression formats to PHP! The new RFC for natively integrating Zstandard and Brotli proposed by @seld.be and myself would significantly improve Composer and asset pre-compression by @symfony.com AssetMapper.

Stop by our @packagist.com booth at #LaraconEU and have a chat about Composer, Packagist, Conductor or anything else relating to dependency management and supply chain security! #Laravel #Laracon

Got our #SymfonyCon tickets for next year already

Meet our team at #SymfomyCon Vienna! We'd love to chat about how you manage your Composer dependencies, your questions around supply chain security, Private Packagist or our upcoming product Conductor! #symfony #php #composerphp

We're excited to introduce you to 🧑‍✈️Conductor! Automatic dependency update PRs with Composer for PHP projects - Security fixes patched in minutes - Continuous updates without the hassle - all running in your own CI env! Early access waitlist: packagist.com/features/con... #composerphp #php #phpc

➡️ The PHP manual has learned a new trick, you can now run the code right in the browser! 🥳 Thanks to @soyuka for the implementation! #php #documentation