First of all: don't worry. Bors hasn't been hacked, and your repo isn't getting less secure.
What do GitHub Checks do
GitHub checks accomplish the same thing as [GitHub Status] does, but with a few big features:
- You can add a "run" or "re-run" button within GitHub itself
- The run info can be shown directly in GitHub
- The checks API is directly tied to GitHub Apps
What do you need to do
You should allow the new permission to be added, so that Bors can push checks (this doesn't work yet) and can gate on checks (this, on the other hand, has been implemented already). If you're running your own instance, you need to add the check run
webhook and read-write access to checks to your own app.
Other than that, you shouldn't need to do anything. If your repo has been configured to use the Travis status, bors will silently make sure that the new Travis check counts. When other services start enabling checks, we'll add them to the same "legacy status" mapping.