[TEST] ci: Something may be up with GUT #74
Conversation
![codecov[bot]](https://avatars.githubusercontent.com/in/254?s=60&v=4){kind=small}
There was a problem hiding this comment.
The code changes seem fine, the names of these secrets on GitHub must have been changed to reflect what is edited in these lines. However, hardcoding secret tokens in the code could lead to a potential security issue where the GitHub actions have access to all the secrets. Use environment variables instead which are safer.
| @@ -338,13 +338,13 @@ jobs: | |||
| - name: Build ${{ matrix.example }} app for staging | |||
| working-directory: ./examples/${{ matrix.example }} | |||
| env: | |||
| NEXT_UPLOAD_TOKEN: ${{ secrets.CODECOV_ORG_TOKEN }} | |||
| NEXT_UPLOAD_TOKEN: ${{ secrets.CODECOV_TOKEN }} | |||
There was a problem hiding this comment.
You should consider preferably assigning secret values to environment variables, not hardcoded as they tend to be more secure and flexible.
| NEXT_API_URL: ${{ secrets.CODECOV_API_URL }} | ||
| ROLLUP_UPLOAD_TOKEN: ${{ secrets.CODECOV_ORG_TOKEN }} | ||
| ROLLUP_UPLOAD_TOKEN: ${{ secrets.CODECOV_TOKEN }} |
There was a problem hiding this comment.
Hardcoding secret tokens in the code could lead to a potential security issue where your Continuous Integration (CI) has access to all secrets. Please consider using environment variables.
| ROLLUP_API_URL: ${{ secrets.CODECOV_API_URL }} | ||
| VITE_UPLOAD_TOKEN: ${{ secrets.CODECOV_ORG_TOKEN }} | ||
| VITE_UPLOAD_TOKEN: ${{ secrets.CODECOV_TOKEN }} |
There was a problem hiding this comment.
The secret tokens should be stored as environment variables. Using hardcoded tokens may create an unintended exposure.
| VITE_API_URL: ${{ secrets.CODECOV_API_URL }} | ||
| WEBPACK_UPLOAD_TOKEN: ${{ secrets.CODECOV_ORG_TOKEN }} | ||
| WEBPACK_UPLOAD_TOKEN: ${{ secrets.CODECOV_TOKEN }} |
There was a problem hiding this comment.
Consider getting such secret tokens from the environment variables instead of hardcoding them, to increase security.
Codecov ReportAll modified and coverable lines are covered by tests ✅
📢 Thoughts on this report? Let us know! |
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files
☔ View full report in Codecov by Sentry. |
Bundle ReportBundle size has no change ✅ |
|
No longer needed. |
Description
Code Example
Notable Changes
Legal Boilerplate
Look, I get it. The entity doing business as "Sentry" was incorporated in the State of Delaware in 2015 as Functional Software, Inc. In 2022 this entity acquired Codecov and as result Sentry is going to need some rights from me in order to utilize my contributions in this PR. So here's the deal: I retain all rights, title and interest in and to my contributions, and by keeping this boilerplate intact I confirm that Sentry can use, modify, copy, and redistribute my contributions, under Sentry's choice of terms.