Basically what I want to do is have several different test runs on travis-ci.com take their coverage runs and send it to a build server, which would combine them and output the total results. (This is all for topaz by the way). I can do some basic security by adding a secret to each POST to the server (this is what I do for my nightly build uploads). The problem is, coverage data is a .pickle, and, in the event my secret is compromised I'd prefer the result be bad coverage data, and not total ownage of my server.
It looks like the coverage data file only contains dicts, lists, strings, and ints (Correct me if I'm wrong, Ned). It would probably be possible to write a small de-pickler that would only load these things. In that way you could continue to serialize as a pickle, but be safe from server ownage on deserialization. Alex, would that meet your needs?
@jchappell82 thanks for looking into it. I still want to do it. There doesn't have to be any backward compatibility: there's no need to read coverage 3.7.1 data files with coverage 4.0. We can keep talking here, or find me on Freenode IRC as nedbat.