Tag: secrets
-
cloud based CI/CD issues – travis-ci
Travis-CI published a security bulletin the other day, describing a special condition that would allow to access secrets belonging to a foreign repository in Github or Bitbucket. The condition requires a fork from a public repository. That’s how open source work, and very central functionality. Not a corner case. Turns out, the cloud service did…