Difference between revisions of "Codecov"
Jump to navigation
Jump to search
↑ "HashiCorp revoked private key exposed in Codecov security breach". VentureBeat. 2021-04-27. Retrieved 2021-08-03.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
| Line 9: | Line 9: | ||
* [[SLSA]] | * [[SLSA]] | ||
* [[Sentry]] | * [[Sentry]] | ||
| + | * [[Sourcegraph]] | ||
== See also == | == See also == | ||
Latest revision as of 08:35, 26 January 2024
Security issue[edit]
Around April 2021, a supply chain attack using code auditing tool codecov allowed hackers limited access to HashiCorp's customers networks.[1] As a result private credentials were leaked. HashiCorp revoked a private signing key and asked its customers to use a new rotated key.
Related[edit]
See also[edit]
- SLSA,
slsa-verifier - Sentry,
sentry-cli, Sentry self hosted, Sentry Connect Services, Kubernetes,sentry backup, Codecov
Advertising:
