build(deps): bump github/codeql-action from 3.30.0 to 4.34.1

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.30.0 to 4.34.1.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v3.30.0...v4.34.1)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 4.34.1
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

.github/workflows/codeql-analysis.yml

@@ -41,7 +41,7 @@ jobs:
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@v3.30.0
+      uses: github/codeql-action/init@v4.34.1
       with:
         languages: ${{ matrix.language }}
         # If you wish to specify custom queries, you can do so here or in a config file.
@@ -52,7 +52,7 @@ jobs:
     # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
     # If this step fails, then you should remove it and run the build manually (see below)
     - name: Autobuild
-      uses: github/codeql-action/autobuild@v3.30.0
+      uses: github/codeql-action/autobuild@v4.34.1
 
     # ℹ️ Command-line programs to run using the OS shell.
     # 📚 https://git.io/JvXDl
@@ -66,4 +66,4 @@ jobs:
     #   make release
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v3.30.0
+      uses: github/codeql-action/analyze@v4.34.1

.github/workflows/scorecards-analysis.yml

@@ -57,6 +57,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@v3.30.0 # v1.0.26
+        uses: github/codeql-action/upload-sarif@v4.34.1 # v1.0.26
         with:
           sarif_file: results.sarif

CHANGELOG.md

@@ -1,9 +1,9 @@
-## v5.6.0
+## v5.5.2
 
 ### What's Changed
 
 
-**Full Changelog**: https://github.com/codecov/codecov-action/compare/v5.5.1..v5.6.0
+**Full Changelog**: https://github.com/codecov/codecov-action/compare/v5.5.1..v5.5.2
 
 
 ## v5.5.1

README.md

@@ -132,7 +132,6 @@ Codecov's Action supports inputs from the user. These inputs, along with their d
 | `codecov_yml_path` | The location of the codecov.yml file. This is currently ONLY used for automated test selection (https://docs.codecov.com/docs/getting-started-with-ats). Note that for all other cases, the Codecov yaml will need to be located as described here: https://docs.codecov.com/docs/codecov-yaml#can-i-name-the-file-codecovyml | Optional
 | `commit_parent` | SHA (with 40 chars) of what should be the parent of this commit. | Optional
 | `directory` | Folder to search for coverage files. Default to the current working directory | Optional
-| `disable_checkout` | Disable checking out the repository. This is not recommended as it can cause unwanted side effects in coverage processing | Optional
 | `disable_file_fixes` | Disable file fixes to ignore common lines from coverage (e.g. blank lines or empty brackets). Read more here https://docs.codecov.com/docs/fixing-reports | Optional
 | `disable_search` | Disable search for coverage files. This is helpful when specifying what files you want to upload with the files option. | Optional
 | `disable_safe_directory` | Disable setting safe directory. Set to true to disable. | Optional
@@ -141,7 +140,7 @@ Codecov's Action supports inputs from the user. These inputs, along with their d
 | `env_vars` | Environment variables to tag the upload with (e.g. PYTHON \| OS,PYTHON) | Optional
 | `exclude` | Comma-separated list of folders to exclude from search. | Optional
 | `fail_ci_if_error` | On error, exit with non-zero code | Optional
-| `files` | Comma-separated explicit list of files to upload. These will be added to the coverage files found for upload. If you wish to only upload the specified files, please consider using "disable-search" to disable uploading other files. | Optional
+| `files` | Comma-separated explicit list of files to upload. These will be added to the coverage files found for upload. If you wish to only upload the specified files, please consider using "disable_search" to disable uploading other files. | Optional
 | `flags` | Comma-separated list of flags to upload to group coverage metrics. | Optional
 | `force` | Only used for empty-upload run command | Optional
 | `git_service` | Override the git_service (e.g. github_enterprise) | Optional

action.yml

@@ -19,10 +19,6 @@ inputs:
   directory:
     description: 'Folder to search for coverage files. Default to the current working directory'
     required: false
-  disable_checkout:
-    description: 'Disable checking out the repository. This is not recommended as it can cause unwanted side effects in coverage processing'
-    required: false
-    default: 'false'
   disable_file_fixes:
     description: 'Disable file fixes to ignore common lines from coverage (e.g. blank lines or empty brackets). Read more here https://docs.codecov.com/docs/fixing-reports'
     required: false
@@ -54,7 +50,7 @@ inputs:
     required: false
     default: 'false'
   files:
-    description: 'Comma-separated list of explicit files to upload. These will be added to the coverage files found for upload. If you wish to only upload the specified files, please consider using disable-search to disable uploading other files.'
+    description: 'Comma-separated list of explicit files to upload. These will be added to the coverage files found for upload. If you wish to only upload the specified files, please consider using disable_search to disable uploading other files.'
     required: false
   flags:
     description: 'Comma-separated list of flags to upload to group coverage metrics.'
@@ -184,13 +180,20 @@ runs:
       run: |
         missing_deps=""
 
-        # Check for required commands
+        # Check for always-required commands
-        for cmd in bash git curl gpg; do
+        for cmd in bash git curl; do
           if ! command -v "$cmd" >/dev/null 2>&1; then
             missing_deps="$missing_deps $cmd"
           fi
         done
 
+        # Check for gpg only if validation is not being skipped
+        if [ "${{ inputs.skip_validation }}" != "true" ]; then
+          if ! command -v gpg >/dev/null 2>&1; then
+            missing_deps="$missing_deps gpg"
+          fi
+        fi
+
         # Report missing required dependencies
         if [ -n "$missing_deps" ]; then
           echo "Error: The following required dependencies are missing:$missing_deps"
@@ -204,24 +207,6 @@ runs:
       run: |
         CC_ACTION_VERSION=$(cat ${GITHUB_ACTION_PATH}/src/version)
         echo -e "\033[0;32m==>\033[0m Running Action version $CC_ACTION_VERSION"
-
-    - name: Check if repository is checked out
-      id: check_repo
-      shell: bash
-      run: |
-        if [ -d ".git" ]; then
-          echo "Repository is checked out."
-          echo "repo_checked_out=true" >> "$GITHUB_OUTPUT"
-        else
-          echo "Repository is NOT checked out."
-          echo "repo_checked_out=false" >> "$GITHUB_OUTPUT"
-        fi
-    - name: Checkout repository
-      if: ${{ steps.check_repo.outputs.repo_checked_out == 'false' && inputs.disable_checkout != 'true' }}
-      uses: actions/checkout@v5
-      with:
-        fetch-depth: 2
-
     - name: Set safe directory
       if: ${{ inputs.disable_safe_directory != 'true' }}
       shell: bash
@@ -245,7 +230,7 @@ runs:
         GITHUB_REPOSITORY: ${{ github.repository }}
 
     - name: Get OIDC token
-      uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
+      uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
       id: oidc
       with:
         script: |

src/version

@@ -1 +1 @@
-5.6.0
+5.5.3