Composer recently switched from using GitHub’s http interface to using the GitHub API to load dependencies. This caused issues on Pagoda Box (and probably elsewhere) as the number of unauthenticated API requests stacked up. For me this was causing deployments to be aborted as Github prevented further requests required by my application to fullfil its composer requirements. The solution is to prevent the Github API from being used and installing from source. Turns out this is actually very simple.
If you have something like this in your boxfile:
php composer.phar install
then you need to update this to force installation from source like:
php composer.phar install --prefer-source