Skip to content

Handle additional git providers in set_composer_auth_env_var() #218

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
Copilot wants to merge 7 commits into
base: main
Choose a base branch
from
Open

Handle additional git providers in set_composer_auth_env_var() #218

Copilot wants to merge 7 commits into from
+413 −1

Conversation

Copy link
Contributor

Copilot AI commented Jan 25, 2026
edited
Loading

Plan: Add support for additional git providers in set_composer_auth_env_var()

  • Review current implementation of set_composer_auth_env_var()
  • Add support for bitbucket-oauth via BITBUCKET_CONSUMER_KEY and BITBUCKET_CONSUMER_SECRET environment variables
  • Add support for gitlab-oauth via GITLAB_OAUTH_TOKEN environment variable
  • Add support for gitlab-token via GITLAB_TOKEN environment variable
  • Add support for http-basic via HTTP_BASIC_AUTH environment variable (JSON format)
  • Add comprehensive PHPUnit unit tests to validate all authentication providers
  • Refactor tests to reduce code duplication with helper method
  • Add Behat feature tests for the authentication functionality
  • Add empty string validation for all token environment variables
  • Run lint, phpcs, phpstan to ensure code quality (all passed)
  • Run PHPUnit test suite - all 86 tests passed
  • All changes complete and verified

Security Summary

No security vulnerabilities detected

  • CodeQL analysis found no security issues in the changes
  • All authentication tokens are handled securely via environment variables
  • Empty strings are rejected to prevent empty credentials in COMPOSER_AUTH
  • Existing COMPOSER_AUTH values are preserved and never overridden
  • Invalid JSON in HTTP_BASIC_AUTH is safely ignored
  • All environment variables are validated before use
  • No sensitive data is logged or exposed
Original prompt

This section details on the original issue you should resolve

<issue_title>Handle more git providers in set_composer_auth_env_var()</issue_title>
<issue_description>As of #47, we support GitHub. There are a few other providers we could support too:

  • bitbucket-oauth
  • gitlab-oauth
  • gitlab-token
  • http-basic</issue_description>

Comments on the Issue (you are @copilot in this section)

💬 We'd love your input! Share your thoughts on Copilot coding agent in our 2 minute survey.

Copilot AI and others added 2 commits January 25, 2026 17:35
@swissspidy
Add support for additional git providers in set_composer_auth_env_var()
6d5b7e4 
Co-authored-by: swissspidy <841956+swissspidy@users.noreply.github.com>
@swissspidy
Refactor tests to reduce duplication with helper method
a98bb8c 
Co-authored-by: swissspidy <841956+swissspidy@users.noreply.github.com>
Copilot AI changed the title [WIP] Add support for additional git providers in set_composer_auth_env_var Handle additional git providers in set_composer_auth_env_var() Jan 25, 2026
Copilot AI requested a review from swissspidy January 25, 2026 17:38
@codecov
Copy link

codecov bot commented Jan 25, 2026
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!

@swissspidy swissspidy requested a review from Copilot January 25, 2026 17:46

This comment was marked as resolved.

Sign in to view

swissspidy and others added 3 commits January 25, 2026 12:59
@swissspidy
Update src/Package_Command.php
17ce3e4 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@swissspidy
Update src/Package_Command.php
d14a28e 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@swissspidy
Update src/Package_Command.php
3715993 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@swissspidy
Add empty string checks for GitHub and GitLab tokens
4cfccd0 
Co-authored-by: swissspidy <841956+swissspidy@users.noreply.github.com>
@swissspidy swissspidy marked this pull request as ready for review February 3, 2026 14:18
@swissspidy swissspidy requested a review from a team as a code owner February 3, 2026 14:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@swissspidy swissspidy Awaiting requested review from swissspidy

At least 1 approving review is required to merge this pull request.

Assignees

@swissspidy swissspidy

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Handle more git providers in set_composer_auth_env_var()

2 participants

@swissspidy