циклировай, а то мы ж все равно рано или поздно проебем https://travis-ci.community/t/security-bulletin/12081 According to a received report, a Public repository forked from another one could file a pull request (standard functionality e.g. in GitHub, BitBucket, Assembla) and while doing it, obtain unauthorized access to secret from the original Public repository with a condition of printing some of the flies during the build process. In this scenario secrets are still encrypted in the Travis CI database. <...> As a reminder, cycling your secrets is something that all users should do on a regular basis. If you are unsure how to do this please contact Support.