Codecov had a security breach. They suggested to check which env variables were surfaced to the CI and to reroll anything that might be considered sensitive. At first glance here, it does not seem like any of the secret tokens (PyPI and codecov) are actually stodes as variables... I'm not sure whether that means that we're fine, or if I'm misunderstanding.
Codecov had a security breach. They suggested to check which env variables were surfaced to the CI and to reroll anything that might be considered sensitive. At first glance here, it does not seem like any of the secret tokens (PyPI and codecov) are actually stodes as variables... I'm not sure whether that means that we're fine, or if I'm misunderstanding.