Coveralls is vulnerable
TimothyGu opened this issue · comments
The private repo token is exposed: https://github.com/davidbau/seedrandom/blob/master/.coveralls.yml#L1
Proof of concept: https://coveralls.io/builds/1838552
seeded random number generator for Javascript
TimothyGu opened this issue · comments
The private repo token is exposed: https://github.com/davidbau/seedrandom/blob/master/.coveralls.yml#L1
Proof of concept: https://coveralls.io/builds/1838552