Tag: secrets

cloud based CI/CD issues – travis-ci

Travis-CI published a security bulletin the other day, describing a special condition that would allow to access secrets belonging to a foreign repository in Github or Bitbucket. The condition requires a fork from a public repository. That’s how open source work, and very central functionality. Not a corner case. Turns out, the cloud service did…

September 14, 2021

cloud based CI/CD issues – travis-ci