As the business requirements grow, so does the list of dependencies. Managers ask for a new feature, you just composer-require this thing and that other thing, and wire it into the application. But how do you keep track of new features in the dependencies? Or bugfixes? Or, most importantly, security patches?!
If you host your repositories on Github, you have probably noticed they started verifying GPG signatures back in April. After half a day of pain, googling and experimenting, I came up with this definitive guide on how to set this up in PhpStorm on OS X.
The need for authentication mechanisms that provide more security has been rising during the recent years. Google has ventured into this field with their Authenticator application which is now used not only by Google itself, but also other big players like Github or Dropbox. And you know what? It's not really that difficult to join this elite group. I'm going to show you how.