Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remote tests fail for pull requests #118

Closed
unstubbable opened this issue Nov 19, 2015 · 0 comments · Fixed by #385
Closed

Remote tests fail for pull requests #118

unstubbable opened this issue Nov 19, 2015 · 0 comments · Fixed by #385
Labels
enhancement

Comments

@unstubbable
Copy link
Contributor

http://docs.travis-ci.com/user/pull-requests/#Security-Restrictions-when-testing-Pull-Requests:

A pull request sent from a fork of the upstream repository could be manipulated to expose any environment variables. The upstream repository’s maintainer would have no protection against this attack, as pull requests can be sent by anyone with a fork.

For the protection of secure data, Travis CI makes it available only on pull requests coming from the same repository. These are considered trustworthy, as only members with write access to the repository can send them.

Therefore you should consider running the Sauce Labs tests only if process.env.TRAVIS_SECURE_ENV_VARS === 'true'. Otherwise you could let Travis run the tests only in PhantomJS so pull requests can be verified to some degree.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fixes that pull-requests cant be tested at all loryjs/lory
2 participants
@unstubbable @meandmax