This repository was archived by the owner on Jul 23, 2025. It is now read-only.

Verify the downloaded executable #331

@mmatheson

Describe the bug
No verification of the downloaded executable test-reporter is done. This can lead to vulnerabilities like CodeCov recently experienced: https://about.codecov.io/security-update/

Version of codeclimate-action you're using
v2.5.7

Example links

Additional context
https://about.codecov.io/security-update/
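
One way to do the verification this issue asks for, as an added example that is not code from codeclimate-action: check the downloaded bytes against a pinned SHA-256 digest before anything is written to disk as an executable. The helper names, the `test-reporter` destination file name and the sample bytes are assumptions made for illustration.

```javascript
// Added example: helper names are hypothetical, sample bytes are constructed.
const crypto = require('node:crypto');
const fs = require('node:fs');
const os = require('node:os');
const path = require('node:path');

function sha256Hex(bytes) {
  return crypto.createHash('sha256').update(bytes).digest('hex');
}

// True only if the bytes hash to the pinned digest; a malformed pin fails closed.
function matchesPinnedDigest(bytes, pinnedHex) {
  if (!/^[0-9a-f]{64}$/i.test(pinnedHex)) return false;
  const actual = Buffer.from(sha256Hex(bytes), 'hex');
  const expected = Buffer.from(pinnedHex, 'hex');
  return crypto.timingSafeEqual(actual, expected);
}

// Verify first, then write to a temp file, mark it executable and rename it
// into place, so an unverified binary never exists at destPath.
function installVerified(bytes, pinnedHex, destPath) {
  if (!matchesPinnedDigest(bytes, pinnedHex)) {
    throw new Error(`checksum mismatch for ${path.basename(destPath)}: got ${sha256Hex(bytes)}`);
  }
  const tmp = `${destPath}.${process.pid}.tmp`;
  fs.writeFileSync(tmp, bytes, { mode: 0o600 });
  fs.chmodSync(tmp, 0o755);
  fs.renameSync(tmp, destPath);
  return destPath;
}

// Constructed stand-ins for a released binary and a modified copy of it.
const released = Buffer.from('#!/bin/sh\necho "uploading coverage"\n');
const tampered = Buffer.concat([released, Buffer.from('# one extra line\n')]);
// Derived here only so the example runs offline. A real pin is a constant kept
// with the caller's source, obtained separately from the download host.
const PINNED = sha256Hex(released);

// Install the good copy, then confirm the modified copy is refused and leaves no file.
function demo() {
  const dir = fs.mkdtempSync(path.join(os.tmpdir(), 'verify-'));
  const dest = path.join(dir, 'test-reporter');
  const installed = fs.readFileSync(installVerified(released, PINNED, dest)).equals(released);
  fs.rmSync(dest);
  let rejected = false;
  try { installVerified(tampered, PINNED, dest); } catch { rejected = true; }
  const leftover = fs.readdirSync(dir).length;
  fs.rmSync(dir, { recursive: true, force: true });
  return { installed, rejected, leftover };
}
```

A digest fetched from the same server as the binary does not help if that server is the thing that was modified, which is why the pin lives with the caller.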

Labels: bug (Something isn't working)