chore(release): 5.6.0

fix: add back checkout
fix: remove checkout for container
2025-12-09 00:26:25 +00:00 · 2025-10-04 23:34:14 +02:00 · 2025-10-04 23:33:11 +02:00 · 2025-10-04 23:31:32 +02:00 · 2025-10-04 23:30:12 +02:00 · 2025-10-04 23:29:25 +02:00
6 changed files with 40 additions and 16 deletions
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -41,7 +41,7 @@ jobs:

    # Initializes the CodeQL tools for scanning.
    - name: Initialize CodeQL
-      uses: github/codeql-action/init@v4.31.7
+      uses: github/codeql-action/init@v3.30.0
      with:
        languages: ${{ matrix.language }}
        # If you wish to specify custom queries, you can do so here or in a config file.
@@ -52,7 +52,7 @@ jobs:
    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
    # If this step fails, then you should remove it and run the build manually (see below)
    - name: Autobuild
-      uses: github/codeql-action/autobuild@v4.31.7
+      uses: github/codeql-action/autobuild@v3.30.0

    # ℹ️ Command-line programs to run using the OS shell.
    # 📚 https://git.io/JvXDl
@@ -66,4 +66,4 @@ jobs:
    #   make release

    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v4.31.7
+      uses: github/codeql-action/analyze@v3.30.0
--- a/.github/workflows/scorecards-analysis.yml
+++ b/.github/workflows/scorecards-analysis.yml
@@ -57,6 +57,6 @@ jobs:

      # Upload the results to GitHub's code scanning dashboard.
      - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@v4.31.7 # v1.0.26
+        uses: github/codeql-action/upload-sarif@v3.30.0 # v1.0.26
        with:
          sarif_file: results.sarif
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,11 @@
+## v5.6.0
+
+### What's Changed
+
+
+**Full Changelog**: https://github.com/codecov/codecov-action/compare/v5.5.1..v5.6.0
+
+
 ## v5.5.1

 ### What's Changed
--- a/README.md
+++ b/README.md
@@ -132,6 +132,7 @@ Codecov's Action supports inputs from the user. These inputs, along with their d
 | `codecov_yml_path` | The location of the codecov.yml file. This is currently ONLY used for automated test selection (https://docs.codecov.com/docs/getting-started-with-ats). Note that for all other cases, the Codecov yaml will need to be located as described here: https://docs.codecov.com/docs/codecov-yaml#can-i-name-the-file-codecovyml | Optional
 | `commit_parent` | SHA (with 40 chars) of what should be the parent of this commit. | Optional
 | `directory` | Folder to search for coverage files. Default to the current working directory | Optional
+| `disable_checkout` | Disable checking out the repository. This is not recommended as it can cause unwanted side effects in coverage processing | Optional
 | `disable_file_fixes` | Disable file fixes to ignore common lines from coverage (e.g. blank lines or empty brackets). Read more here https://docs.codecov.com/docs/fixing-reports | Optional
 | `disable_search` | Disable search for coverage files. This is helpful when specifying what files you want to upload with the files option. | Optional
 | `disable_safe_directory` | Disable setting safe directory. Set to true to disable. | Optional
@@ -140,7 +141,7 @@ Codecov's Action supports inputs from the user. These inputs, along with their d
 | `env_vars` | Environment variables to tag the upload with (e.g. PYTHON \| OS,PYTHON) | Optional
 | `exclude` | Comma-separated list of folders to exclude from search. | Optional
 | `fail_ci_if_error` | On error, exit with non-zero code | Optional
-| `files` | Comma-separated explicit list of files to upload. These will be added to the coverage files found for upload. If you wish to only upload the specified files, please consider using "disable_search" to disable uploading other files. | Optional
+| `files` | Comma-separated explicit list of files to upload. These will be added to the coverage files found for upload. If you wish to only upload the specified files, please consider using "disable-search" to disable uploading other files. | Optional
 | `flags` | Comma-separated list of flags to upload to group coverage metrics. | Optional
 | `force` | Only used for empty-upload run command | Optional
 | `git_service` | Override the git_service (e.g. github_enterprise) | Optional
--- a/action.yml
+++ b/action.yml
@@ -19,6 +19,10 @@ inputs:
  directory:
    description: 'Folder to search for coverage files. Default to the current working directory'
    required: false
+  disable_checkout:
+    description: 'Disable checking out the repository. This is not recommended as it can cause unwanted side effects in coverage processing'
+    required: false
+    default: 'false'
  disable_file_fixes:
    description: 'Disable file fixes to ignore common lines from coverage (e.g. blank lines or empty brackets). Read more here https://docs.codecov.com/docs/fixing-reports'
    required: false
@@ -50,7 +54,7 @@ inputs:
    required: false
    default: 'false'
  files:
-    description: 'Comma-separated list of explicit files to upload. These will be added to the coverage files found for upload. If you wish to only upload the specified files, please consider using disable_search to disable uploading other files.'
+    description: 'Comma-separated list of explicit files to upload. These will be added to the coverage files found for upload. If you wish to only upload the specified files, please consider using disable-search to disable uploading other files.'
    required: false
  flags:
    description: 'Comma-separated list of flags to upload to group coverage metrics.'
@@ -180,20 +184,13 @@ runs:
      run: |
        missing_deps=""

-        # Check for always-required commands
-        for cmd in bash git curl; do
+        # Check for required commands
+        for cmd in bash git curl gpg; do
          if ! command -v "$cmd" >/dev/null 2>&1; then
            missing_deps="$missing_deps $cmd"
          fi
        done

-        # Check for gpg only if validation is not being skipped
-        if [ "${{ inputs.skip_validation }}" != "true" ]; then
-          if ! command -v gpg >/dev/null 2>&1; then
-            missing_deps="$missing_deps gpg"
-          fi
-        fi
-
        # Report missing required dependencies
        if [ -n "$missing_deps" ]; then
          echo "Error: The following required dependencies are missing:$missing_deps"
@@ -207,6 +204,24 @@ runs:
      run: |
        CC_ACTION_VERSION=$(cat ${GITHUB_ACTION_PATH}/src/version)
        echo -e "\033[0;32m==>\033[0m Running Action version $CC_ACTION_VERSION"
+
+    - name: Check if repository is checked out
+      id: check_repo
+      shell: bash
+      run: |
+        if [ -d ".git" ]; then
+          echo "Repository is checked out."
+          echo "repo_checked_out=true" >> "$GITHUB_OUTPUT"
+        else
+          echo "Repository is NOT checked out."
+          echo "repo_checked_out=false" >> "$GITHUB_OUTPUT"
+        fi
+    - name: Checkout repository
+      if: ${{ steps.check_repo.outputs.repo_checked_out == 'false' && inputs.disable_checkout != 'true' }}
+      uses: actions/checkout@v5
+      with:
+        fetch-depth: 2
+
    - name: Set safe directory
      if: ${{ inputs.disable_safe_directory != 'true' }}
      shell: bash
--- a/src/version
+++ b/src/version
@@ -1 +1 @@
-5.5.1
+5.6.0
Author	SHA1	Message	Date
Tom Hu	0a29773d27	chore(release): 5.6.0	2025-10-04 23:34:14 +02:00
Tom Hu	2b9e5e4a9c	fix: add back checkout	2025-10-04 23:33:11 +02:00
Tom Hu	4815464734	fix: remove checkout for container	2025-10-04 23:31:32 +02:00
Tom Hu	2b3bd7f752	fix: adding shell	2025-10-04 23:30:12 +02:00
Tom Hu	4fe6a9bdcd	fix: add new checkout step	2025-10-04 23:29:25 +02:00
@@ -1 +1 @@
 .5.1
 .6.0