reflect2 icon indicating copy to clipboard operation
reflect2 copied to clipboard

Published 20 hours ago verified publisher icon modern-go

heads up: codecov.io security incident - https://about.codecov.io/security-update/

Open robert-heinzmann-logmein opened this issue 3 years ago • 0 comments

Hi there.

This might be an unusual "issue" beeing reported.

There has been a security incident in codecov.io with the bash-uploader script (see [1] for details) which potentially exposed secrets to 3rd parties.

It seems you are using the referenced bash uploader in your .travis.yml file. I wanted to draw your attention to this incident in case you missed it.

It would be great if you could verify that no code has been altered and check the impact of this security incident on your repository.

Regards, Robert

[1] https://about.codecov.io/security-update/

robert-heinzmann-logmein avatar Apr 22 '21 10:04 robert-heinzmann-logmein