[google/syzkaller] 4595e3: .github/workflows: fix Codecov checkout and secure...

1 view

Skip to first unread message

Taras Madan

unread,

Apr 22, 2026, 4:53:04 AM (yesterday) Apr 22

to syzk...@googlegroups.com

Branch: refs/heads/gh-readonly-queue/master/pr-7102-3d48343585e60c95cc7993775ddd151f3c7bea87
Home: https://github.com/google/syzkaller
Commit: 4595e35325904a096977cf0d3f9e7648e3198280
https://github.com/google/syzkaller/commit/4595e35325904a096977cf0d3f9e7648e3198280
Author: Taras Madan <taras...@google.com>
Date: 2026-04-22 (Wed, 22 Apr 2026)

Changed paths:
M .github/workflows/upload-coverage.yml

Log Message:
-----------
.github/workflows: fix Codecov checkout and secure upload-coverage

Add persist-credentials: false to prevent token leakage and use a dedicated
sparse checkout step to securely retrieve the trusted codecov.yml from the
base repository. Enforce least privilege with explicit read permissions and
job timeouts to prevent potential denial of service.

To unsubscribe from these emails, change your notification settings at https://github.com/google/syzkaller/settings/notifications

Taras Madan

unread,

Apr 22, 2026, 5:04:55 AM (yesterday) Apr 22

to syzk...@googlegroups.com

Branch: refs/heads/master

Reply all

Reply to author

Forward

0 new messages