Link service provider unsafe

Unclear what “Link service provider” is for, but certain it is unsafe

See here:

I did get that the correct settings for are:


  • client_id: xxxx
  • client_secret: xxx

However, it’s also clear that this is unsafe. Why would codecov require uploading app sercrets to repositories (private or otherwise). I’d be happy to paste these in at somewhere instead!

Hi @earonesty

These settings for for Codecov Enterprise, in which case the config is only visible to you and not Codecov. If you are using that version and have concerns, please open a ticket. Otherwise, if you are trying to use these settings to sovle a problem, please let me know so we can assist.