Look what is written in the document, despite all the measures, Travis CI has infuriated the developer community. Travis CI has faced a backlash for various reasons. There is no analysis, no report on security, not a single warning to developers for any type regarding the exposure of secrets the developers may face. And that leads to people demanding the ban of Travis CI from GitHub. That is a big question mark on the Travis CI management for handling the issue poorly.

Researchers who identified the bug notified the company of it on September 7. Travis CI has requested all the clients to rotate their secrets as a precaution despite implementing security patches. It means Travis is really serious when it comes to keeping secrets from their clients. But they have realized that the system is somewhat flawed. Now let's see what they have in their kitty for future endeavors.

Well, I don’t think so. Look it’s a cloud-based tool and many of us think that the cloud is not really secure. The reason is that you are using somebody’s computer for data storage. 2ndly Travis CI compels people to trust as they claimed they will not leave security holes. But on the other hand, they use Github to test and deploy the code. Mean your data is going into the hands of a third party on somebody else's computer again. Maybe it works well most of the time, but are we really sure it will work always well. Obviously NO! There is a high risk involved in it.