You can now update Composer to 1.10 with the
composer.phar self-update command. The full changelog for 1.10 is available on GitHub as usual, listing all the small new features and bugfixes in this release.
Composer 1.10 ships with a new feature which matters a lot to us as open-source project maintainers: Information on funding open-source projects and the new command
composer fund. The composer update command now outputs the number of packages you are using which are looking for funding and asks you to run the command for more details.
Composer and Packagist maintenance, development, and operation are currently mostly financed through our paid offering for private Composer repositories Private Packagist. Please consider signing up for a subscription of this service at packagist.com. But as you can see in the screenshot, there is now an additional way to financially contribute to Composer and Packagist as a business: Tidelift.
If your company relies on open-source software you can sign up for a Tidelift subscription to financially support all the projects you depend on, in return for assurances from the maintainers to provide timely security and bug fixes, address licensing issues, and more.
If you are a maintainer of an open-source project you should sign up as well to receive your share of the funds provided by businesses using your software.
There are many other ways to contribute to open-source, both as an individual or as a company. Work hours spent on bug reports, fixes, documentation, or implementation of new features help open-source projects. But as we strive to make all the open-source software we rely on more sustainable we consider it all companies' responsibility to provide financial funding for maintainers of the open-source software they use.
A lot of people are trying to address problems around funding for open-source projects. The fund command which we have now added to Composer is very similar to NPM's command which in turn had various other influences. Nicolas Grekas of Symfony, made this command available through their Composer plugin symfony/thanks last year already.
GitHub Sponsors introduced FUNDING.yml files which you can add to your repository to let GitHub users and Composer know about ways to fund your project. Alternatively you can define funding options in your composer.json.
In addition to retrieving funding information for the open-source dependencies you use through Composer's command line interface, you can now also view all funding options on Packagist.org.
As a maintainer you can list any mechanism you like here. There are tools and services like Tidelift, Open Collective, Patreon, or GitHub Sponsors but you can also list paid services like our very own Private Packagist or other endeavors like Xdebug or phpstan who we are proud to sponsor ourselves.
So as a maintainer, please add funding information to your projects. As a professional developer, please get your company to participate in the funding of the PHP ecosystem and the open-source software you use. Thank you if you already do!