chore(release): 5.0.1 (#1656)

* fix: update tokenless branch logic

* fix: use the github context

* fix: use double quotes

* fix: lots of quotes

* fix: ai fixes

* fix: just shove it in

* fix: more ai fixes

* fix: missing double quote

* fix: more clenaup

* fix: add CC_BRANCH setting for not forks

* fix: cleanup

* fix: more cleanup

README.md

@@ -1,6 +1,6 @@
 # Codecov GitHub Action
 
-[![GitHub Marketplace](https://img.shields.io/badge/Marketplace-v4-undefined.svg?logo=github&logoColor=white&style=flat)](https://github.com/marketplace/actions/codecov)
+[![GitHub Marketplace](https://img.shields.io/badge/Marketplace-v5-undefined.svg?logo=github&logoColor=white&style=flat)](https://github.com/marketplace/actions/codecov)
 [![FOSSA Status](https://app.fossa.com/api/projects/git%2Bgithub.com%2Fcodecov%2Fcodecov-action.svg?type=shield)](https://app.fossa.com/projects/git%2Bgithub.com%2Fcodecov%2Fcodecov-action?ref=badge_shield)
 [![Workflow for Codecov Action](https://github.com/codecov/codecov-action/actions/workflows/main.yml/badge.svg)](https://github.com/codecov/codecov-action/actions/workflows/main.yml)
 ### Easily upload coverage reports to Codecov from GitHub Actions
@@ -9,12 +9,13 @@
 `v5` of the Codecov GitHub Action will use the [Codecov Wrapper](https://github.com/codecov/wrapper) to encapsulate the [CLI](https://github.com/codecov/codecov-cli). This will help ensure that the Action gets updates quicker.
 
 ### Migration Guide
-The `v5` release also coincides with the opt-out feature for tokens for public repositories. In the repository settings page in codecov.io, you can set the ability for Codecov to receive a coverage report from ANY souce. This will allow contributors or other members of a repository to upload without needing access to the Codecov token.
+The `v5` release also coincides with the opt-out feature for tokens for public repositories. In the `Global Upload Token` section of the settings page of an organization in codecov.io, you can set the ability for Codecov to receive a coverage reports from any source. This will allow contributors or other members of a repository to upload without needing access to the Codecov token. For more details see [how to upload without a token](https://docs.codecov.com/docs/codecov-tokens#uploading-without-a-token).
+
+> [!WARNING]
+> **The following arguments have been changed**
+> - `file` (this has been deprecated in favor of `files`)
+> - `plugin` (this has been deprecated in favor of `plugins`)
 
-**The following arguments have been changed**
-- `file` (this has been deprecated in favor of `files`)
-- `plugin` (this has been deprecated in favor of `plugins`)
-  
 The following arguments have been added:
 
 - `binary`

VERSION

@@ -1 +0,0 @@
-5.0.0-beta

action.yml

@@ -175,13 +175,32 @@ runs:
             echo "CODECOV_TOKEN=$CODECOV_TOKEN" >> $GITHUB_ENV
           fi
         fi
+
+    - name: Override branch for forks
+      shell: bash
+      run: |
+        if [ -z "$CC_BRANCH" ] && [ -z "$CODECOV_TOKEN" ] && [ "${GITHUB_EVENT_PULL_REQUEST_REPO_FULL_NAME}" != "$GITHUB_REPOSITORY" ];
+        then
+          echo -e "\033[0;32m==>\033[0m Fork detected, tokenless uploading used"
+          TOKENLESS="$GITHUB_EVENT_PULL_REQUEST_HEAD_LABEL"
+          CC_BRANCH="$GITHUB_EVENT_PULL_REQUEST_HEAD_LABEL"
+          echo "TOKENLESS=$TOKENLESS" >> $GITHUB_ENV
+        fi
+
+        echo "CC_BRANCH=$CC_BRANCH" >> $GITHUB_ENV
+      env:
+        CC_BRANCH: ${{ inputs.override_branch }}
+        GITHUB_EVENT_PULL_REQUEST_HEAD_LABEL: ${{ github.event.pull_request.head.label }}
+        GITHUB_EVENT_PULL_REQUEST_REPO_FULL_NAME: ${{ github.event.pull_request.repo.full_name }}
+        GITHUB_REPOSITORY: ${{ github.repository }}
+
     - name: Upload coverage to Codecov
       run: ${GITHUB_ACTION_PATH}/dist/codecov.sh
       shell: bash
       working-directory: ${{ inputs.working-directory }}
       env:
         CC_BINARY: ${{ inputs.binary }}
-        CC_BRANCH: ${{ inputs.override_branch }}
+        CC_BRANCH: $CC_BRANCH
         CC_BUILD: ${{ inputs.override_build }}
         CC_BUILD_URL: ${{ inputs.override_build_url }}
         CC_CODE: ${{ inputs.report_code }}

dist/codecov.sh

@@ -1,5 +1,5 @@
 #!/usr/bin/env bash
-CC_WRAPPER_VERSION="0.0.22"
+CC_WRAPPER_VERSION="0.0.24"
 set +u
 say() {
   echo -e "$1"
@@ -80,13 +80,16 @@ else
   say "$g ->$x Downloading $b${cc_url}$x"
   curl -Os $cc_url
   say "$g==>$x Finishing downloading $b${cc_os}:${CC_VERSION}$x"
+  version_url="https://cli.codecov.io/${cc_os}/${CC_VERSION}"
+  version=$(curl -s $version_url -H "Accept:application/json" | jq -r '.version')
+  say "      Version: $b$version$x"
   say " "
 fi
 if [ "$CC_SKIP_VALIDATION" = "true" ] || [ -n "$CC_BINARY" ];
 then
   say "$r==>$x Bypassing validation as requested by user"
 else
-CC_PUBLIC_PGP_KEY=$(curl https://keybase.io/codecovsecurity/pgp_keys.asc)
+CC_PUBLIC_PGP_KEY=$(curl -s https://keybase.io/codecovsecurity/pgp_keys.asc)
   echo "${CC_PUBLIC_PGP_KEY}"  | \
     gpg --no-default-keyring --import
   # One-time step
@@ -131,6 +134,7 @@ cc_cr_args+=( $(write_existing_args CC_PR) )
 cc_cr_args+=( $(write_existing_args CC_SHA) )
 cc_cr_args+=( $(write_existing_args CC_SLUG) )
 cc_du_args=()
+cc_du_args+=( $(write_existing_args CC_ENV) )
 OLDIFS=$IFS;IFS=,
 cc_du_args+=( $(write_existing_args CC_BRANCH) )
 cc_du_args+=( $(write_existing_args CC_BUILD) )
@@ -140,7 +144,6 @@ cc_du_args+=( $(write_existing_args CC_DIR) )
 cc_du_args+=( $(write_truthy_args CC_DISABLE_FILE_FIXES) )
 cc_du_args+=( $(write_truthy_args CC_DISABLE_SEARCH) )
 cc_du_args+=( $(write_truthy_args CC_DRY_RUN) )
-cc_du_args+=( $(write_existing_args CC_ENV) )
 if [ -n "$CC_EXCLUDES" ];
 then
   for directory in $CC_EXCLUDES; do

src/version

@@ -1 +1 @@
-CODECOV_ACTION_VERSION="5.0.0"
+CODECOV_ACTION_VERSION="5.0.1"