Skip to content

G
gitlab-ce
Commit a9fa327f authored by Robert Speicher's avatar Robert Speicher
Browse files
Options

Merge branch 'composer-authjson-doc' into 'master' 

Security warning about the auth.json file

See merge request gitlab-org/gitlab!34403
parents 6795afa5 3bd4150b
Show whitespace changes
Inline Side-by-side
Showing with 6 additions and 0 deletions
doc/user/packages/composer_repository/index.md
View file @ a9fa327f
...@@ -141,3 +141,9 @@ composer update ...@@ -141,3 +141,9 @@ composer update
``` ```
If successful, you should be able to see the output indicating that the package has been successfully installed. If successful, you should be able to see the output indicating that the package has been successfully installed.
CAUTION: **Important:**
Make sure to never commit the `auth.json` file to your repository. To install packages from a CI job,
consider using the [`composer config`](https://getcomposer.org/doc/articles/handling-private-packages-with-satis.md#authentication) tool with your personal access token
stored in a [GitLab CI/CD environment variable](../../../ci/variables/README.md) or in
[Hashicorp Vault](../../../ci/examples/authenticating-with-hashicorp-vault/index.md).
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7