GitHub deprecated query param authentication

[andytson-inviqa]

Github has deprecated query parameter authentication (?access_token=....)

https://developer.github.com/changes/2019-11-05-deprecated-passwords-and-authorizations-api/#authenticating-using-query-parameters

This appears to be still be used in this composer plugin, which is causing Github to notify via email all Github accounts being used by this plugin.

This will need a change to use Authorization: token (or basic) authentication to continue beyond obsoletion, and to stop the Github email notifications being sent.

The lines of code which are doing this appear to be at:

prestissimo/src/BaseRequest.php

Lines 143 to 148 in 4c52352

	// is github
	if (in_array($authKey, $githubDomains) && 'x-oauth-basic' === $auth['password']) {
	$this->addParam('access_token', $auth['username']);
	$this->user = $this->pass = null;
	return;
	}

There was some confusion in composer/composer#8586 as to the cause, when composer itself had fixed it in 1.9.3.

[trentza]

added a PR #212 but @andytson-inviqa has tests with his fix.

[andytson]

release 0.3.10 contains the fix for this now

[hirak]

Sorry for the late reply.
As already commented, please try 0.3.10.

[archon810]

If I already have this installed, how does one update to 0.3.10? README doesn't mention updating - only installing. I know I can remove and reinstall, but updating would be easier.

Edit: Looks like running composer.phar global require hirak/prestissimo again does the update.