Heroku CI and Review App Secrets Compromised
by himeexcelanta on Hacker News.
Just got an email from Salesforce: “Action Required: Heroku security notification”. Looks like the database that stores pipeline-level config variables for both Review Apps and Heroku CI were compromised. Per Heroku, “…any secrets you set in Review Apps and Heroku CI config may have been compromised and should be rotated”. This…is really messed up