Hi, I saw this (codecov) on the V project repo(s).
I think this may have been mentioned on github already, (forgive me if this is a dupe), but is it worth adding Qubes to codecov, (or an alt), which automatically scans for bugs and displays a nice badge on the (github) readme, (see this),?.
Codecov say they are free for open-source. I don’t think it requires any special perms to the repo/compromises security - unless I’ve overthunk it.
This seems like a really simple way to potentially catch security bugs before they become nasty.
Just a crazy thought.