Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[WIP] use codecov orb instead of bash uploader #551

Closed
wants to merge 2 commits into from
Closed

[WIP] use codecov orb instead of bash uploader #551

wants to merge 2 commits into from

Conversation

crupley
Copy link
Contributor

@crupley crupley commented Apr 21, 2021
edited
Loading

Related issues
Refer to issue(s) addressed in this pull request from Issues page.

As the result of the recent CodeCov security breach, it would be preferred to use a fixed version rather than automatically upgrade to another potentially insecure version.

Describe the proposed solution
A clear and concise description of what the changes are.

Add the CodeCov script to repo and execute the static version.

This is the advised solution from CodeCov in response to my email request:

We are working on a new version that will compile into binaries. For now you can vendor the bash script into your repo and execute it there. That way it will not change until/unless you update it.
Ticket: https://codecov.freshdesk.com/helpdesk/tickets/4907

Describe alternatives you've considered
A clear and concise description of any alternative solutions or features you've considered.

Additional context
Add any other context about the changes here.

@crupley crupley self-assigned this Apr 21, 2021
@crupley crupley closed this Apr 21, 2021
@crupley crupley deleted the cr/fixedCodecovVer branch April 21, 2021 20:23
@crupley crupley changed the title [WIP] use codecov orb instead of bash uploader [WIP] use codecov script instead of bash uploader Apr 22, 2021
@crupley crupley changed the title [WIP] use codecov script instead of bash uploader [WIP] use codecov orb instead of bash uploader Apr 22, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Jauntbox Jauntbox Awaiting requested review from Jauntbox

@leahmcguire leahmcguire Awaiting requested review from leahmcguire leahmcguire is a code owner

@nicodv nicodv Awaiting requested review from nicodv

@tovbinm tovbinm Awaiting requested review from tovbinm tovbinm is a code owner

Assignees

@crupley crupley

Labels
work in progress
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
1 participant
@crupley