Thanks Laravel Package

Getting Started

Install via Composer: composer require --dev symfony/thanks. After installation, run ./vendor/bin/thanks (or php vendor/bin/thanks) to interactively review and star packages listed in composer.lock. The first run will prompt to authenticate with GitHub via OAuth if not already configured—this happens locally and stores credentials in ~/.composer/auth.json. Begin with ./vendor/bin/thanks --help to explore available flags and workflows.

Implementation Patterns

• Team Adoption: Add ./vendor/bin/thanks to post-update and post-install Composer scripts (extra.composer-events) so starring happens automatically during dependency changes.
• CI/CD Integration: Use ./vendor/bin/thanks --no-interaction in CI pipelines to silently star dependencies—ideal for open-source contribution workflows.
• Selective Execution: Filter packages using --only-vendor (star only vendor/* packages) or --only-package=name (target specific packages like symfony/framework-bundle).
• Custom Repos: Override auto-detected GitHub URLs via composer.json's extra.thanks section for non-standard repos or private GitHub instances.

Gotchas and Tips

• Authentication failures are often due to outdated auth.json—ensure GitHub tokens have public_repo scope. Use ./vendor/bin/thanks --flush-cache if rate-limited.
• Package detection relies on composer.lock; running without it (e.g., on fresh clones) may skip dependencies. Always commit composer.lock in projects.
• The tool skips private or non-GitHub repos silently—verify using --verbose to see why a package was skipped.
• For large dependency trees, use --max-repos=N to cap starred repos and avoid overwhelming maintainers or hitting API limits.
• Extension point: Override the default Thanks command via Symfony’s service tagging (thanks.repository_locator service is extensible for custom registry integrations).