Authorizing the Shift Build
Many of the recent Shifts perform analysis in order to provide more intelligent and precise changes. This requires building your projects by installing your dependencies and running scripts like artisan
.
This may require additional authorization for Shift to install private dependencies. Fortunately, composer
makes this easy by adding an auth.json
file to your project.
Currently, the following Shifts attempt to build your project:
If you are attempting to run one of these Shifts against a project with private dependencies, you may need to configure an auth.json
file.
Note: Shift has access to all first-party Laravel packages such as Spark and Nova. As such, you are not required to configure authorization for these packages.
Configuring auth.json
Creating an auth.json
file not only allows Shift to build your project, but other services like Forge and Travis CI as well as other developers working with your code.
To configure an auth.json
file, first add one to your project at the same level of your composer.json
file.
This file contains credentials for authorizing composer
to download dependencies from private sources. While these credentials may be a user account, it's better to generate a token.
Although you may revoke a token at any time, they should be treated as passwords. The process for generating a token will vary. To generating a token for common sources, review the documentation from GitHub, Bitbucket, or GitLab..
Once you have obtained this token, you can use it as the credentials for that source within your auth.json
file.
For example, the following auth.json
file sets a token for each of the common sources list above:
{
"github-oauth": {
"github.com": "github-token-1234567890"
},
"gitlab-oauth": {
"gitlab.com": "gitlab-token-1234567890"
},
"bitbucket-oauth": {
"bitbucket.org": {
"consumer-key": "bitbucket-consumer-key-1234567890",
"consumer-secret": "bitbucket-consumer-secret-1234567890"
}
}
}
Note: If you commit your composer.lock
file and changed the repositories.url
values, you should run composer update
to regenerate the download URLs within your composer.lock
.