Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Allow endpoint for codecov #314

Merged
merged 1 commit into from
Jul 4, 2023
Merged

Allow endpoint for codecov #314

merged 1 commit into from
Jul 4, 2023

Conversation

varunsh-coder
Copy link
Member

No description provided.

Copy link
Contributor

@step-security-bot step-security-bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please find StepSecurity AI-CodeWise code comments inline or below.

.github/workflows/test.yml

Please refer to 1 inline comments.

Feedback

We appreciate your feedback in helping us improve the service! To provide feedback, please use emojis on this comment. If you find a comment helpful, give it a 👍. If they aren't useful, kindly express that with a 👎. If you have questions or detailed feedback, please create n GitHub issue in StepSecurity/AI-CodeWise.

@@ -21,6 +21,7 @@ jobs:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
api.github.com:443
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[High]Do not hardcode secrets in the code

API keys, passwords, and other secrets should not be hardcoded in the code. Use environment variables to store sensitive information.

@varunsh-coder varunsh-coder merged commit 75ac554 into main Jul 4, 2023
@varunsh-coder varunsh-coder deleted the codecov-allow-domain branch July 4, 2023 19:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants