I'm revoking the OAuth token in .composer-auth.json since that could currently be used to misuse the API rate limits of my account. The token was used to prevent "rate limit exceeded" errors from GitHub during Travis and Appveyor testing when fetching Composer dependencies without authentication.

There are two places in this repository affected by this change:

• .travis.yml
• appveyor.yml

In both cases, .composer-auth.json is copied to ~/.composer/auth.json in order to use that token during authentication with GitHub.

I don't know what happens to the builds after the token is revoked, but it could be that they are failing. There are two possible solutions that come to my mind:

• Remove authentication completely - maybe the rate limit errors are a non-issue nowadays. I don't know how other repositories solve this issue today.
• Create a new public-read-only token and store it in secret environment variables on Appveyor and Travis and inject those variables into auth.json during the build.

This token can safely be removed - Github removed rate limits on downloading zips.

@willemstuursma Could you submit a PR removing .composer-auth.json and on the places it is used?

This is fixed in master.