fix(aio): ensure NGBUILDS_IO_KEY is not printed
Gaining access to another PR's JWT, would allow faking that PR's author wrt to GitHub team membership verification for as long as the JWT is valid (currently 90 mins).
This commit is contained in:
Georgios Kalpakas
committed by
Chuck Jazdzewski
Chuck Jazdzewski
parent
e40f81b564
commit
fd34a58e13
@ -74,6 +74,7 @@ if [[ ${TRAVIS:-} ]]; then
|
||||
|
||||
# If NGBUILDS_IO_KEY not set yet, export the NGBUILDS_IO_KEY using the JWT token that Travis generated and exported for SAUCE_ACCESS_KEY.
|
||||
# This is a workaround for travis-ci/travis-ci#7223
|
||||
# WARNING: NGBUILDS_IO_KEY should NOT be printed
|
||||
export NGBUILDS_IO_KEY=${NGBUILDS_IO_KEY:-$SAUCE_ACCESS_KEY}
|
||||
|
||||
# Used by karma and karma-chrome-launcher
|
||||
|
||||
Reference in New Issue
Block a user