Travis CI flaw exposed secrets of thousands of open source projects (ars technica)

Thisars technica article describes a problem with the Traviscontinuous-integration service:

A security flaw in Travis CI potentially exposed the secrets ofthousands of open source projects that rely on the hostedcontinuous integration service. Travis CI is a software-testingsolution used by over 900,000 open source projects and 600,000users. A vulnerability in the tool made it possible for secureenvironment variables-signing keys, access credentials, and APItokens of all public open source projects-to be exfiltrated.

Any project storing secrets in this service would be well advised toreplace them.