Home > other >  How can codecov verify a upload request without a token?
How can codecov verify a upload request without a token?

Time:03-01

In this section, the codecov documentation says:

The upload token is required for all uploads, except originating from public projects using Travis-CI, Circle CI, Azure, Github Actions.

What prevents "hackers" from uploading a fake codecov file and claiming the file was uploaded from a public repository with Codecov enabled?

What makes public projects special?

CodePudding user response:

Codecov uses the status of the CI, the progress of the current job, and knowledge from the public API of both the repo and CI providers to determine whether or not a tokenless upload on a public repository should be successful

Source: I work at Codecov at the time of this answer

Page link:https//www.codepudding.com/other/318722.html

Prev:How to convert Python operated dag in PostgreSQL operated dag?
Next:Python Logistic Regression Odds Ratio 0 or 1
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding