Travis Personal Token

Bridgecrew Policy ID: BC_GIT_69
Chekov Check ID: CKV_SECRET_69
Severity: LOW

Travis Personal Token

Description

Travis CI is a hosted CI service used to build and test software projects hosted on GitHub and Bitbucket. Travis CI was the first CI service which provided services to open-source projects for free and continues to do so. TravisPro provides custom deployments of a proprietary version on the customer's own hardware.

Fix - Buildtime

Travis CI

Step 1: Revoke the token

Go to Travis CI and click on your avatar, then click on Settings
Click on the Tokens tab
Find the compromised token and click on the trash icon

Step 2: Monitor for abuse

Updated 10 months ago