A higher matching version found in public repository

Error Example

Higher matching version 2.4.13 of tnw/module-authorizenetcim was found in public repository packagist.org than 2.4.12 in private https://repo.magento.com. Public package might've been taken over by a malicious entity, please investigate and update package requirement to match the version from the private repository

Reason

Our free modules for Adobe OpenSource and Adobe Commerce are published to Packagist repositories AND to the Magento Marketplace (historically). As a result, the new version may appear in the Packagist before it’s published on the Magento Marketplace. Magento Marketplace always defaults to its repo for all packages and skips the newer version in Packagist, causing this error.

Solution

To avoid this situation you need to modify your composer.json file and mark the module as “excluded“ from the Magento repository. In this case, the module will be downloaded from the public repository. You need add the '"exclude": ["tnw/module-authorizenetcim"]'

The updated composer.json file changes will look like:

"0": { "type": "composer", "url": "https://repo.magento.com/", "exclude": ["tnw/module-authorizenetcim"] }

More details about composer filtering are available here: https://getcomposer.org/doc/articles/repository-priorities.md#filtering-packages