Nils Adermann
@naderman.de
Co-Founder of @packagist.com / http://packagist.com and
Co-Creator of #composerphp - he/him - @naderman@phpc.social
Co-Creator of #composerphp - he/him - @naderman@phpc.social
Reposted by Nils Adermann
Postfach: „Frau P. ist seit 10 Jahren wohnungslos und bekommt endlich Unterstützung durch Housing First. Doch jetzt droht Haft wegen Fahren ohne Ticket. Wird sie eingesperrt, gefährdet das den Erhalt der Wohnung weil die Miete nicht mehr gezahlt wird. Könnt ihr was tun?“
Das Gesetz muss weg. Punkt.
Das Gesetz muss weg. Punkt.
December 23, 2025 at 9:13 AM
Postfach: „Frau P. ist seit 10 Jahren wohnungslos und bekommt endlich Unterstützung durch Housing First. Doch jetzt droht Haft wegen Fahren ohne Ticket. Wird sie eingesperrt, gefährdet das den Erhalt der Wohnung weil die Miete nicht mehr gezahlt wird. Könnt ihr was tun?“
Das Gesetz muss weg. Punkt.
Das Gesetz muss weg. Punkt.
Reposted by Nils Adermann
I’m pleased to announce PromptVer, a new versioning scheme designed for the age of large language models.
nesbitt.io/2025/12/01/p...
nesbitt.io/2025/12/01/p...
nesbitt.io
December 1, 2025 at 12:40 PM
I’m pleased to announce PromptVer, a new versioning scheme designed for the age of large language models.
nesbitt.io/2025/12/01/p...
nesbitt.io/2025/12/01/p...
Reposted by Nils Adermann
The package manager in GitHub Actions might be the worst package manager in use today: nesbitt.io/2025/12/06/g...
GitHub Actions Has a Package Manager, and It Might Be the Worst
GitHub Actions has a package manager that ignores decades of supply chain security best practices: no lockfile, no integrity verification, no transitive pinning
nesbitt.io
December 7, 2025 at 7:06 AM
The package manager in GitHub Actions might be the worst package manager in use today: nesbitt.io/2025/12/06/g...
Fascinating evening organized by the @sovereign.tech in Berlin tonight: Presenting their #SovereignTechFellowship program which funds individual open source maintainers of our digital infrastructure with public money.
December 3, 2025 at 9:50 PM
Fascinating evening organized by the @sovereign.tech in Berlin tonight: Presenting their #SovereignTechFellowship program which funds individual open source maintainers of our digital infrastructure with public money.
Reposted by Nils Adermann
Proud to announce we just renewed our annual $18,000 sponsorship for the The PHP Foundation!
Check out this summary on the work completed in 2025. So much more could be accomplished, if all businesses using PHP contributed. Sign up as a sponsor and help moving PHP forward!
Check out this summary on the work completed in 2025. So much more could be accomplished, if all businesses using PHP contributed. Sign up as a sponsor and help moving PHP forward!
Thanks to our sponsors for supporting The PHP Foundation in 2025!
Together we helped ship PHP 8.5, released PIE 1.0, supported FrankenPHP, launched the PHP MCP SDK, secured a 2nd STA investment for Streams, and much more.
Please consider sponsoring PHP in 2026 🙏💜
thephp.foundation/blog/2025/12...
Together we helped ship PHP 8.5, released PIE 1.0, supported FrankenPHP, launched the PHP MCP SDK, secured a 2nd STA investment for Streams, and much more.
Please consider sponsoring PHP in 2026 🙏💜
thephp.foundation/blog/2025/12...
Thank you for supporting The PHP Foundation in 2025! Can we count on you in 2026?
The PHP Foundation — Supporting, Advancing, and Developing the PHP Language
thephp.foundation
December 3, 2025 at 3:39 PM
Proud to announce we just renewed our annual $18,000 sponsorship for the The PHP Foundation!
Check out this summary on the work completed in 2025. So much more could be accomplished, if all businesses using PHP contributed. Sign up as a sponsor and help moving PHP forward!
Check out this summary on the work completed in 2025. So much more could be accomplished, if all businesses using PHP contributed. Sign up as a sponsor and help moving PHP forward!
Reposted by Nils Adermann
who decided to call it Secret Santa when Nondisclosure Claus was right there
December 1, 2025 at 10:55 PM
who decided to call it Secret Santa when Nondisclosure Claus was right there
Back from our annual #SymfonyCon trip! Great experience celebrating 20 years of #Symfony with its community in Amsterdam. The @packagist.com booth was busy throughout the event, and my package manager security outlook talk sparked good conversations. See you in Warsaw 2026! #php #composerphp
December 1, 2025 at 2:57 PM
Back from our annual #SymfonyCon trip! Great experience celebrating 20 years of #Symfony with its community in Amsterdam. The @packagist.com booth was busy throughout the event, and my package manager security outlook talk sparked good conversations. See you in Warsaw 2026! #php #composerphp
Reposted by Nils Adermann
In Amsterdam next week and part of a group underrepresented at tech confs, or can't afford a ticket? Private Packagist is sponsoring #SymfonyCon (Nov 27th/28th) and we have a ticket to give away: Reply your favorite PHP8.5 feature to win #php #phpc #symfony @symfony.com
November 21, 2025 at 9:52 PM
In Amsterdam next week and part of a group underrepresented at tech confs, or can't afford a ticket? Private Packagist is sponsoring #SymfonyCon (Nov 27th/28th) and we have a ticket to give away: Reply your favorite PHP8.5 feature to win #php #phpc #symfony @symfony.com
Really fun to play with Nano Banana Pro and have it visualize things. Here's the good old cube rule of food 😁
November 21, 2025 at 8:37 AM
Really fun to play with Nano Banana Pro and have it visualize things. Here's the good old cube rule of food 😁
Great, @github.com giving open source maintainers wrong tax advice 🤦 docs.github.com/en/sponsors/... "In the EU and most other countries and regions, [...] B2B sales are not subject to tax."
Tax information for GitHub Sponsors - GitHub Docs
Sponsored developers and organizations must submit tax information to GitHub and are responsible for evaluating and paying their own taxes.
docs.github.com
November 20, 2025 at 11:39 AM
Great, @github.com giving open source maintainers wrong tax advice 🤦 docs.github.com/en/sponsors/... "In the EU and most other countries and regions, [...] B2B sales are not subject to tax."
Reposted by Nils Adermann
New in Private Packagist: Usage Tracking can now help prioritize security updates by showing how deps cascade through projects and where vulnerable versions are used. Trusted Publishing for GitHub Actions and better synchronization setup. blog.packagist.com/whats-new-in... #php #phpc #composerphp
What’s New in Private Packagist, November Update
We've shipped several important updates to Private Packagist over the past three months, including more insights on the package usage tracking page, the introduction of Trusted Publishing for secure a...
blog.packagist.com
November 18, 2025 at 9:35 AM
New in Private Packagist: Usage Tracking can now help prioritize security updates by showing how deps cascade through projects and where vulnerable versions are used. Trusted Publishing for GitHub Actions and better synchronization setup. blog.packagist.com/whats-new-in... #php #phpc #composerphp
Reposted by Nils Adermann
After Composer 2.9 CLI security improvements, we're working on a transparency log for Packagist to strengthen PHP supply chain security, funded by the @sovereign.tech with help of the @thephpf.bsky.social and Private Packagist. Details at blog.packagist.com/strengthenin... #php #phpc #composerphp
Strengthening PHP Supply Chain Security with a Transparency Log for Packagist.org
The release of Composer 2.9 this week introduced new security features on the Composer CLI client, which were funded by Private Packagist through service subscriptions. But in parallel, we are working...
blog.packagist.com
November 14, 2025 at 3:35 PM
After Composer 2.9 CLI security improvements, we're working on a transparency log for Packagist to strengthen PHP supply chain security, funded by the @sovereign.tech with help of the @thephpf.bsky.social and Private Packagist. Details at blog.packagist.com/strengthenin... #php #phpc #composerphp
Reposted by Nils Adermann
Composer 2.9 is here! 🚀 It automatically blocks packages with known vulnerabilities, has a new repository command to manage repos from the CLI, and lots more!
blog.packagist.com/composer-2-9/
#composerphp #phpc #PHP
blog.packagist.com/composer-2-9/
#composerphp #phpc #PHP
Composer 2.9 Release
We are pleased to announce the release of Composer 2.9.0, bringing improvements to security, repository management from the CLI, and lots more.
Automatic Security Blocking
Composer now automaticall...
blog.packagist.com
November 13, 2025 at 10:22 AM
Composer 2.9 is here! 🚀 It automatically blocks packages with known vulnerabilities, has a new repository command to manage repos from the CLI, and lots more!
blog.packagist.com/composer-2-9/
#composerphp #phpc #PHP
blog.packagist.com/composer-2-9/
#composerphp #phpc #PHP
Reposted by Nils Adermann
The PHP Foundation is Seeking a New Executive Director! 🐘💜
We're asking the PHP community to help find the right person for this role. If you know someone who would be an excellent fit, please encourage them to apply or reach out to us directly.
thephp.foundation/blog/2025/11... #phpc #php
We're asking the PHP community to help find the right person for this role. If you know someone who would be an excellent fit, please encourage them to apply or reach out to us directly.
thephp.foundation/blog/2025/11... #phpc #php
The PHP Foundation is Seeking a New Executive Director
The PHP Foundation — Supporting, Advancing, and Developing the PHP Language
thephp.foundation
November 10, 2025 at 3:03 PM
The PHP Foundation is Seeking a New Executive Director! 🐘💜
We're asking the PHP community to help find the right person for this role. If you know someone who would be an excellent fit, please encourage them to apply or reach out to us directly.
thephp.foundation/blog/2025/11... #phpc #php
We're asking the PHP community to help find the right person for this role. If you know someone who would be an excellent fit, please encourage them to apply or reach out to us directly.
thephp.foundation/blog/2025/11... #phpc #php
Reposted by Nils Adermann
Composer 2.9 is coming, and there's an RC to try out! We need your help and feedback github.com/composer/com... #composerphp #phpc
Release 2.9.0-RC1 · composer/composer
Composer 2.9 is ready for a release, and we need your help to test it and report any regression.
Please try it out!
Running composer self-update --preview will get you the 2.9.0-RC1
Running compos...
github.com
November 7, 2025 at 3:40 PM
Composer 2.9 is coming, and there's an RC to try out! We need your help and feedback github.com/composer/com... #composerphp #phpc
Reposted by Nils Adermann
Was richtig im #Stadtbild stört ist die echt beschissene Sozial- und Verkekerspolitik der Union.
October 15, 2025 at 11:15 AM
Was richtig im #Stadtbild stört ist die echt beschissene Sozial- und Verkekerspolitik der Union.
Reposted by Nils Adermann
📣 Here’s one for FOSS maintainers based in the EU 🌍
@sovereign.tech is currently accepting proposals from communities that want to enhance their resilience with:
🧱 contributions
🐛 bug bounties
🔍 code audits
Requirements & application: www.sovereign.tech/programs/bug...
Good luck, everyone!
@sovereign.tech is currently accepting proposals from communities that want to enhance their resilience with:
🧱 contributions
🐛 bug bounties
🔍 code audits
Requirements & application: www.sovereign.tech/programs/bug...
Good luck, everyone!
Sovereign Tech Resilience | Sovereign Tech Agency
www.sovereign.tech
September 30, 2025 at 8:58 AM
📣 Here’s one for FOSS maintainers based in the EU 🌍
@sovereign.tech is currently accepting proposals from communities that want to enhance their resilience with:
🧱 contributions
🐛 bug bounties
🔍 code audits
Requirements & application: www.sovereign.tech/programs/bug...
Good luck, everyone!
@sovereign.tech is currently accepting proposals from communities that want to enhance their resilience with:
🧱 contributions
🐛 bug bounties
🔍 code audits
Requirements & application: www.sovereign.tech/programs/bug...
Good luck, everyone!
Reposted by Nils Adermann
Together with PyPI, Maven Central, cratesio and other major package registries we signed a statement on sustainable open source infrastructure.
3B+ installs/month and evolving #composerphp and packagist.org requires sharing the costs.
#phpc #php
3B+ installs/month and evolving #composerphp and packagist.org requires sharing the costs.
#phpc #php
Registries like PyPI, Maven Central & crates.io power the ecosystem.
They can’t run on goodwill alone.
OpenSSF endorses the Joint Statement on Sustainable Stewardship.
👉 openssf.org/blog/2025/09...
#PreserveOpenSource
They can’t run on goodwill alone.
OpenSSF endorses the Joint Statement on Sustainable Stewardship.
👉 openssf.org/blog/2025/09...
#PreserveOpenSource
September 23, 2025 at 1:42 PM
Together with PyPI, Maven Central, cratesio and other major package registries we signed a statement on sustainable open source infrastructure.
3B+ installs/month and evolving #composerphp and packagist.org requires sharing the costs.
#phpc #php
3B+ installs/month and evolving #composerphp and packagist.org requires sharing the costs.
#phpc #php
Reposted by Nils Adermann
Registries like PyPI, Maven Central & crates.io power the ecosystem.
They can’t run on goodwill alone.
OpenSSF endorses the Joint Statement on Sustainable Stewardship.
👉 openssf.org/blog/2025/09...
#PreserveOpenSource
They can’t run on goodwill alone.
OpenSSF endorses the Joint Statement on Sustainable Stewardship.
👉 openssf.org/blog/2025/09...
#PreserveOpenSource
September 23, 2025 at 10:16 AM
Registries like PyPI, Maven Central & crates.io power the ecosystem.
They can’t run on goodwill alone.
OpenSSF endorses the Joint Statement on Sustainable Stewardship.
👉 openssf.org/blog/2025/09...
#PreserveOpenSource
They can’t run on goodwill alone.
OpenSSF endorses the Joint Statement on Sustainable Stewardship.
👉 openssf.org/blog/2025/09...
#PreserveOpenSource
Reposted by Nils Adermann
🚨 Warning to #PHP package maintainers: We did not email you to change your passwords & 2FA. Emails asking you to update your credentials are a phishing attempt. We had the phishing site & domain taken down. If you got the email and entered your credentials, please contact us. #phpc
September 20, 2025 at 3:32 PM
Reposted by Nils Adermann
Someone on the AWS billing team is stupid like a fox.
September 19, 2025 at 9:31 PM
Someone on the AWS billing team is stupid like a fox.
Reposted by Nils Adermann
Homebrew Project Leader, maintainer for 16 years, Ruby lover 👋. I having calls with both sides and trying to help reach a mutually acceptable solution. If you'd like to join one of these calls or chat 1:1: gimme an email from /about on my website. If not (I'd 100% understand) thanks for your work <3
September 19, 2025 at 11:00 AM
Homebrew Project Leader, maintainer for 16 years, Ruby lover 👋. I having calls with both sides and trying to help reach a mutually acceptable solution. If you'd like to join one of these calls or chat 1:1: gimme an email from /about on my website. If not (I'd 100% understand) thanks for your work <3
🚨 PSA for #PHP package maintainers: DO NOT REPLACE tags! If you messed up a release simply do another. No matter how quickly you notice a mistake, automatic tools already pulled the original tag, triggered automatic updates. Users will never know you recreated the tag and use the broken state. #phpc
September 19, 2025 at 9:04 AM
🚨 PSA for #PHP package maintainers: DO NOT REPLACE tags! If you messed up a release simply do another. No matter how quickly you notice a mistake, automatic tools already pulled the original tag, triggered automatic updates. Users will never know you recreated the tag and use the broken state. #phpc
Reposted by Nils Adermann
Wishing a very happy birthday to @naderman.de at #APIPlatformCon! What a perfect place to celebrate 🎂
September 18, 2025 at 11:57 AM
Wishing a very happy birthday to @naderman.de at #APIPlatformCon! What a perfect place to celebrate 🎂
Had a great time presenting Composer Best Practices for 2025 at #APIPlatformCon in Lille this morning. Meet me at our booth, I'd love to hear all about how you work with #composerphp! #php #phpc #supplychainsecurity #symfony #apiplatform
September 18, 2025 at 1:32 PM
Had a great time presenting Composer Best Practices for 2025 at #APIPlatformCon in Lille this morning. Meet me at our booth, I'd love to hear all about how you work with #composerphp! #php #phpc #supplychainsecurity #symfony #apiplatform