This doesn't seem secure to me, though perhaps there is a policy that only accepts requests from specific accounts on services like Travis.
Best to migrate those secrets into GitHub's secret store before setting up similar integrations for this project. I've created a Space called ohn-builds and Spaces API key in the OHN team but am not sure whether that should be added to the repository or environment for inclusion in .travis.yml.
This doesn't seem secure to me, though perhaps there is a policy that only accepts requests from specific accounts on services like Travis.
Best to migrate those secrets into GitHub's secret store before setting up similar integrations for this project. I've created a Space called ohn-builds and Spaces API key in the OHN team but am not sure whether that should be added to the repository or environment for inclusion in .travis.yml.