From 81873b8322e0da3ca765f54cf93651a83a393918 Mon Sep 17 00:00:00 2001 From: Chris Rebert Date: Tue, 9 Dec 2014 16:17:01 -0800 Subject: explain what makes files sensitive in the Sauce use case --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index b1ba8e8..c101492 100644 --- a/README.md +++ b/README.md @@ -23,7 +23,7 @@ By automating the process of initiating Travis-based Sauce tests and posting the ## How it works (for the Open Sauce use-case) 1. Use GitHub webhooks to listen for new or updated pull requests in a given GitHub repository. 2. If the pull request does not modify any JavaScript files, ignore it. -3. Ensure that no sensitive build files (e.g. `.travis.yml`, `Gruntfile.js`) have been modified. +3. Ensure that no sensitive build files (e.g. `.travis.yml`, `Gruntfile.js`) have been modified, since these files have the potential to cause leakage/exposure of the Sauce login credentials. 4. Clone the pull request's branch and push it to a test repo under an autogenerated name. 5. Travis CI will automatically run a build on the new branch *under the test repo's user*. Thus, this build will have access to Travis secure environment variables; in particular, it will have access to the Sauce Labs credentials. 6. Use webhooks to track the status of the Travis build. -- cgit v1.2.3
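Review bot: The clause added to step 3 names the consequence ("leakage/exposure of the Sauce login credentials") but not the reason these particular files are sensitive, and the reader has to infer it from step 5 two items later. Consider tying the two together, for example "since these files control what the Travis build runs, and that build has access to the Sauce Labs credentials (see step 5)". Two smaller wording points in the same line: "leakage/exposure" says the same thing twice, so one word is enough, and "Sauce login credentials" here versus "Sauce Labs credentials" in step 5 should use one term so it is clear they are the same secret. Since the file names are given only as "e.g.", it would also help to say where the full list of protected files is defined.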