chore(release): bump to 5.3.1

chore(release): wrapper-0.1.0

Co-authored-by: codecov-releaser <devops+releaser@codecov.io>

.github/workflows/codeql-analysis.yml

@@ -41,7 +41,7 @@ jobs:
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@v3.27.5
+      uses: github/codeql-action/init@v3.28.1
       with:
         languages: ${{ matrix.language }}
         # If you wish to specify custom queries, you can do so here or in a config file.
@@ -52,7 +52,7 @@ jobs:
     # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
     # If this step fails, then you should remove it and run the build manually (see below)
     - name: Autobuild
-      uses: github/codeql-action/autobuild@v3.27.5
+      uses: github/codeql-action/autobuild@v3.28.1
 
     # ℹ️ Command-line programs to run using the OS shell.
     # 📚 https://git.io/JvXDl
@@ -66,4 +66,4 @@ jobs:
     #   make release
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v3.27.5
+      uses: github/codeql-action/analyze@v3.28.1

.github/workflows/main.yml

@@ -22,7 +22,7 @@ jobs:
       - name: Upload coverage to Codecov (script)
         uses: ./
         with:
-          fail_ci_if_error: false
+          fail_ci_if_error: true
           files: ./coverage/script/coverage-final.json
           flags: script-${{ matrix.os }}
           name: codecov-script

.github/workflows/scorecards-analysis.yml

@@ -49,7 +49,7 @@ jobs:
       # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
       # format to the repository Actions tab.
       - name: "Upload artifact"
-        uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
+        uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
         with:
           name: SARIF file
           path: results.sarif
@@ -57,6 +57,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@v3.27.5 # v1.0.26
+        uses: github/codeql-action/upload-sarif@v3.28.1 # v1.0.26
         with:
           sarif_file: results.sarif

CHANGELOG.md

@@ -1,3 +1,51 @@
+## v5.3.1
+
+### What's Changed
+
+
+**Full Changelog**: https://github.com/codecov/codecov-action/compare/v5.3.0..v5.3.1
+
+
+## v5.3.0
+
+### What's Changed
+
+
+**Full Changelog**: https://github.com/codecov/codecov-action/compare/v5.2.0..v5.3.0
+
+
+## v5.2.0
+
+### What's Changed
+* Fix typo in README by @tserg in https://github.com/codecov/codecov-action/pull/1747
+* Th/add commands by @thomasrockhu-codecov in https://github.com/codecov/codecov-action/pull/1745
+* use correct audience when requesting oidc token by @juho9000 in https://github.com/codecov/codecov-action/pull/1744
+* build(deps): bump github/codeql-action from 3.27.9 to 3.28.1 by @app/dependabot in https://github.com/codecov/codecov-action/pull/1742
+* build(deps): bump actions/upload-artifact from 4.4.3 to 4.6.0 by @app/dependabot in https://github.com/codecov/codecov-action/pull/1743
+* chore(deps): bump wrapper to 0.0.32 by @thomasrockhu-codecov in https://github.com/codecov/codecov-action/pull/1740
+* feat: add disable-telem feature by @thomasrockhu-codecov in https://github.com/codecov/codecov-action/pull/1739
+* fix: remove erroneous linebreak in readme by @Vampire in https://github.com/codecov/codecov-action/pull/1734
+
+
+**Full Changelog**: https://github.com/codecov/codecov-action/compare/v5.1.2..v5.2.0
+
+
+## v5.1.2
+
+### What's Changed
+* fix: update statment by @thomasrockhu-codecov in https://github.com/codecov/codecov-action/pull/1726
+* fix: update action script by @thomasrockhu-codecov in https://github.com/codecov/codecov-action/pull/1725
+* fix: prevent oidc on tokenless due to permissioning by @thomasrockhu-codecov in https://github.com/codecov/codecov-action/pull/1724
+* chore(release): wrapper-0.0.31 by @app/codecov-releaser-app in https://github.com/codecov/codecov-action/pull/1723
+* Put quotes around `${{ inputs.token }}` in `action.yml` by @jwodder in https://github.com/codecov/codecov-action/pull/1721
+* build(deps): bump github/codeql-action from 3.27.6 to 3.27.9 by @app/dependabot in https://github.com/codecov/codecov-action/pull/1722
+* Remove mistake from options table by @Acconut in https://github.com/codecov/codecov-action/pull/1718
+* build(deps): bump github/codeql-action from 3.27.5 to 3.27.6 by @app/dependabot in https://github.com/codecov/codecov-action/pull/1717
+
+
+**Full Changelog**: https://github.com/codecov/codecov-action/compare/v5.1.1..v5.1.2
+
+
 ## v5.1.1
 ### What's Changed
 

Makefile

@@ -1,5 +1,5 @@
 deploy:
-	$(eval VERSION := $(shell cat src/version | grep 'CODECOV_ACTION_VERSION=' | cut -d\" -f2))
+	$(eval VERSION := $(shell cat src/version))
 	git tag -d v5
 	git push origin :v5
 	git tag v5

README.md

@@ -45,6 +45,9 @@ You can see their usage in the `action.yml` [file](https://github.com/codecov/co
 
 To integrate Codecov with your Actions pipeline, specify the name of this repository with a tag number (`@v5` is recommended) as a `step` within your `workflow.yml` file.
 
+> [!WARNING]
+> In order for the Action to work seamlessly, you will need to have `curl`, `git`, and `gpg` installed on your runner. You will also need to run the [actions/checkout](https://github.com/actions/checkout) before calling the Codecov action.
+
 This Action also requires you to [provide an upload token](https://docs.codecov.io/docs/frequently-asked-questions#section-where-is-the-repository-upload-token-found-) from [codecov.io](https://www.codecov.io) (tip: in order to avoid exposing your token, [store it](https://docs.codecov.com/docs/adding-the-codecov-token#github-actions) as a `secret`).
 
 Currently, the Action will identify linux, macos, and windows runners. However, the Action may misidentify other architectures. The OS can be specified as
@@ -105,21 +108,22 @@ Codecov's Action supports inputs from the user. These inputs, along with their d
 
 | Input  | Description | Required |
 | :---       |     :---     |    :---:   |
+| `base_sha` | 'The base SHA to select. This is only used in the "pr-base-picking" run command' | Optional
 | `binary` | The file location of a pre-downloaded version of the CLI. If specified, integrity checking will be bypassed. | Optional
-| `codecov_yml_path` | The location of the codecov.yml file. This is crrently ONLY used for automated test selection (https://docs.codecov.com/docs/getting-started-with-ats). Note that for all other cases, the Codecov yaml will need to be locate
-d as described here: https://docs.codecov.com/docs/codecov-yaml#can-i-name-the-file-codecovyml | Optional
+| `codecov_yml_path` | The location of the codecov.yml file. This is currently ONLY used for automated test selection (https://docs.codecov.com/docs/getting-started-with-ats). Note that for all other cases, the Codecov yaml will need to be located as described here: https://docs.codecov.com/docs/codecov-yaml#can-i-name-the-file-codecovyml | Optional
 | `commit_parent` | SHA (with 40 chars) of what should be the parent of this commit. | Optional
 | `directory` | Folder to search for coverage files. Default to the current working directory | Optional
 | `disable_file_fixes` | Disable file fixes to ignore common lines from coverage (e.g. blank lines or empty brackets). Read more here https://docs.codecov.com/docs/fixing-reports | Optional
 | `disable_search` | Disable search for coverage files. This is helpful when specifying what files you want to upload with the files option. | Optional
 | `disable_safe_directory` | Disable setting safe directory. Set to true to disable. | Optional
+| `disable_telem` | Disable sending telemetry data to Codecov. Set to true to disable. | Optional
 | `dry_run` | Don't upload files to Codecov | Optional
 | `env_vars` | Environment variables to tag the upload with (e.g. PYTHON \| OS,PYTHON) | Optional
 | `exclude` | Comma-separated list of folders to exclude from search. | Optional
 | `fail_ci_if_error` | On error, exit with non-zero code | Optional
 | `files` | Comma-separated explicit list of files to upload. These will be added to the coverage files found for upload. If you wish to only upload the specified files, please consider using "disable-search" to disable uploading other files. | Optional
-tional
 | `flags` | Comma-separated list of flags to upload to group coverage metrics. | Optional
+| `force` | Only used for empty-upload run command | Optional
 | `git_service` | Override the git_service (e.g. github_enterprise) | Optional
 | `gcov_args` | Extra arguments to pass to gcov | Optional
 | `gcov_executable` | gcov executable to run. Defaults to 'gcov' | Optional
@@ -140,6 +144,7 @@ tional
 | `report_code` | The code of the report if using local upload. If unsure, leave unset. Read more here https://docs.codecov.com/docs/the-codecov-cli#how-to-use-local-upload | Optional
 | `report_type` | The type of file to upload, coverage by default. Possible values are "testing", "coverage". | Optional
 | `root_dir` | Root folder from which to consider paths on the network section. Defaults to current working directory. | Optional
+| `run_command` | Choose which CLI command to run. Options are "upload-coverage", "empty-upload", "pr-base-picking", "send-notifications". "upload-coverage" is run by default.' | Optional
 | `skip_validation` | Skip integrity checking of the CLI. This is NOT recommended. | Optional
 | `slug` | [Required when using the org token] Set to the owner/repo slug used instead of the private repo token. Only applicable to some Enterprise users. | Optional
 | `swift_project` | Specify the swift project name. Useful for optimization. | Optional
@@ -147,6 +152,7 @@ tional
 | `url` | Set to the Codecov instance URl. Used by Dedicated Enterprise Cloud customers. | Optional
 | `use_legacy_upload_endpoint` | Use the legacy upload endpoint. | Optional
 | `use_oidc` | Use OIDC instead of token. This will ignore any token supplied | Optional
+| `use_pypi` | Use the pypi version of the CLI instead of from cli.codecov.io | Optional
 | `verbose` | Enable verbose logging | Optional
 | `version` | Which version of the Codecov CLI to use (defaults to 'latest') | Optional
 | `working-directory` | Directory in which to execute codecov.sh | Optional

action.yml

@@ -4,6 +4,9 @@ name: 'Codecov'
 description: 'GitHub Action that uploads coverage reports for your repository to codecov.io'
 author: 'Thomas Hu <@thomasrockhu-codecov> | Codecov'
 inputs:
+  base_sha:
+    description: 'The base SHA to select. This is only used in the "pr-base-picking" run command'
+    required: false
   binary:
     description: 'The file location of a pre-downloaded version of the CLI. If specified, integrity checking will be bypassed.'
     required: false
@@ -28,6 +31,10 @@ inputs:
     description: 'Disable setting safe directory. Set to true to disable.'
     required: false
     default: 'false'
+  disable_telem:
+    description: 'Disable sending telemetry data to Codecov. Set to true to disable.'
+    required: false
+    default: 'false'
   dry_run:
     description: "Don't upload files to Codecov"
     required: false
@@ -48,6 +55,9 @@ inputs:
   flags:
     description: 'Comma-separated list of flags to upload to group coverage metrics.'
     required: false
+  force:
+    description: 'Only used for empty-upload run command'
+    required: false
   git_service:
     description: 'Override the git_service (e.g. github_enterprise)'
     required: false
@@ -111,6 +121,10 @@ inputs:
   root_dir:
     description: 'Root folder from which to consider paths on the network section. Defaults to current working directory.'
     required: false
+  run_command:
+    description: 'Choose which CLI command to run. Options are "upload-coverage", "empty-upload", "pr-base-picking", "send-notifications". "upload-coverage" is run by default.'
+    required: false
+    default: 'upload-coverage'
   skip_validation:
     description: 'Skip integrity checking of the CLI. This is NOT recommended.'
     required: false
@@ -135,6 +149,10 @@ inputs:
     description: 'Use OIDC instead of token. This will ignore any token supplied'
     required: false
     default: 'false'
+  use_pypi:
+    description: 'Use the pypi version of the CLI instead of from cli.codecov.io'
+    required: false
+    default: 'false'
   verbose:
     description: 'Enable verbose logging'
     required: false
@@ -157,7 +175,7 @@ runs:
     - name: Action version
       shell: bash
       run: |
-        CC_ACTION_VERSION=$(cat ${GITHUB_ACTION_PATH}/src/version | grep 'CODECOV_ACTION_VERSION=' | cut -d\" -f2)
+        CC_ACTION_VERSION=$(cat ${GITHUB_ACTION_PATH}/src/version)
         echo -e "\033[0;32m==>\033[0m Running Action version $CC_ACTION_VERSION"
     - name: Set safe directory
       if: ${{ inputs.disable_safe_directory != 'true' }}
@@ -165,31 +183,52 @@ runs:
       run: |
         git config --global --add safe.directory ${{ github.workspace }}
 
+    - name: Set fork
+      shell: bash
+      run: |
+        CC_FORK="false"
+        if [ -n "$GITHUB_EVENT_PULL_REQUEST_HEAD_REPO_FULL_NAME" ] && [ "$GITHUB_EVENT_PULL_REQUEST_HEAD_REPO_FULL_NAME" != "$GITHUB_REPOSITORY" ];
+        then
+          echo -e "\033[0;32m==>\033[0m Fork detected"
+          CC_FORK="true"
+        fi
+        echo "CC_FORK=$CC_FORK" >> "$GITHUB_ENV"
+      env:
+        GITHUB_EVENT_PULL_REQUEST_HEAD_LABEL: ${{ github.event.pull_request.head.label }}
+        GITHUB_EVENT_PULL_REQUEST_HEAD_REPO_FULL_NAME: ${{ github.event.pull_request.head.repo.full_name }}
+        GITHUB_REPOSITORY: ${{ github.repository }}
+
+
     - name: Get and set token
       shell: bash
       run: |
-        if [ "${{ inputs.use_oidc }}" == 'true' ];
+        if [ "${{ inputs.use_oidc }}" == 'true' ] && [ "$CC_FORK" != 'true' ];
         then
           # {"count":1984,"value":"***"}
-          CC_TOKEN=$(curl -H "Authorization: bearer $ACTIONS_ID_TOKEN_REQUEST_TOKEN" "$ACTIONS_ID_TOKEN_REQUEST_URL&audience=https://codecov.io" | cut -d\" -f6)
+          echo -e "\033[0;32m==>\033[0m Requesting OIDC token from '$ACTIONS_ID_TOKEN_REQUEST_URL'"
+          CC_TOKEN=$(curl -H "Authorization: bearer $ACTIONS_ID_TOKEN_REQUEST_TOKEN" "$ACTIONS_ID_TOKEN_REQUEST_URL&audience=$CC_OIDC_AUDIENCE" | cut -d\" -f6)
           echo "CC_TOKEN=$CC_TOKEN" >> "$GITHUB_ENV"
         elif [ -n "${{ env.CODECOV_TOKEN }}" ];
         then
+          echo -e "\033[0;32m==>\033[0m Token set from env"
             echo "CC_TOKEN=${{ env.CODECOV_TOKEN }}" >> "$GITHUB_ENV"
         else
-          if [ -n ${{ inputs.token }} ];
+          if [ -n "${{ inputs.token }}" ];
           then
+            echo -e "\033[0;32m==>\033[0m Token set from input"
             CC_TOKEN=$(echo "${{ inputs.token }}" | tr -d '\n')
             echo "CC_TOKEN=$CC_TOKEN" >> "$GITHUB_ENV"
           fi
         fi
+      env:
+        CC_OIDC_AUDIENCE: ${{ inputs.url || 'https://codecov.io' }}
 
     - name: Override branch for forks
       shell: bash
       run: |
-        if [ -z "$CC_BRANCH" ] && [ -z "$CC_TOKEN" ] && [ -n "$GITHUB_EVENT_PULL_REQUEST_HEAD_REPO_FULL_NAME" ] && [ "${GITHUB_EVENT_PULL_REQUEST_HEAD_REPO_FULL_NAME}" != "$GITHUB_REPOSITORY" ];
+        if [ -z "$CC_BRANCH" ] && [ -z "$CC_TOKEN" ] && [ "$CC_FORK" == 'true' ]
         then
-          echo -e "\033[0;32m==>\033[0m Fork detected, tokenless uploading used"
+          echo -e "\033[0;32m==>\033[0m Fork detected, setting branch to $GITHUB_EVENT_PULL_REQUEST_HEAD_LABEL"
           TOKENLESS="$GITHUB_EVENT_PULL_REQUEST_HEAD_LABEL"
           CC_BRANCH="$GITHUB_EVENT_PULL_REQUEST_HEAD_LABEL"
           echo "TOKENLESS=$TOKENLESS" >> "$GITHUB_ENV"
@@ -228,6 +267,7 @@ runs:
       shell: bash
       working-directory: ${{ inputs.working-directory }}
       env:
+        CC_BASE_SHA: ${{ inputs.base_sha }}
         CC_BINARY: ${{ inputs.binary }}
         CC_BUILD: ${{ inputs.override_build }}
         CC_BUILD_URL: ${{ inputs.override_build_url }}
@@ -235,6 +275,7 @@ runs:
         CC_DIR: ${{ inputs.directory }}
         CC_DISABLE_FILE_FIXES: ${{ inputs.disable_file_fixes }}
         CC_DISABLE_SEARCH: ${{ inputs.disable_search }}
+        CC_DISABLE_TELEM: ${{ inputs.disable_telem }}
         CC_DRY_RUN: ${{ inputs.dry_run }}
         CC_ENTERPRISE_URL: ${{ inputs.url }}
         CC_ENV: ${{ inputs.env_vars }}
@@ -242,6 +283,7 @@ runs:
         CC_FAIL_ON_ERROR: ${{ inputs.fail_ci_if_error }}
         CC_FILES: ${{ inputs.files }}
         CC_FLAGS: ${{ inputs.flags }}
+        CC_FORCE: ${{ inputs.force }}
         CC_GCOV_ARGS: ${{ inputs.gcov_args }}
         CC_GCOV_EXECUTABLE: ${{ inputs.gcov_executable }}
         CC_GCOV_IGNORE: ${{ inputs.gcov_ignore }}
@@ -258,20 +300,12 @@ runs:
         CC_PARENT_SHA: ${{ inputs.commit_parent }}
         CC_PLUGINS: ${{ inputs.plugins }}
         CC_REPORT_TYPE: ${{ inputs.report_type }}
+        CC_RUN_CMD: ${{ inputs.run_command }}
+        CC_SERVICE: ${{ inputs.git_service }}
         CC_SKIP_VALIDATION: ${{ inputs.skip_validation }}
         CC_SLUG: ${{ inputs.slug }}
         CC_SWIFT_PROJECT: ${{ inputs.swift_project }}
+        CC_USE_PYPI: ${{ inputs.use_pypi }}
         CC_VERBOSE: ${{ inputs.verbose }}
         CC_VERSION: ${{ inputs.version }}
         CC_YML_PATH: ${{ inputs.codecov_yml_path }}
-
-    - name: Error
-      shell: bash
-      run: exit 1
-
-    - name: Gracefully exit
-      if: ${{ failure() && inputs.fail_ci_if_error != 'true' }}
-      shell: bash
-      run: |
-        echo -e "\033[0;32m==>\033[0m Exiting gracefully..."
-        exit 0

changelog.py

@@ -4,8 +4,7 @@ import subprocess
 
 def update_changelog():
     with open('src/version', 'r') as f:
-        raw_version = f.read()
-    version = re.search('\"(.*)\"', raw_version).groups()[0]
+        version = f.read()
     changelog = [f"## v{version}"]
     changelog.append("### What\'s Changed")
 

dist/codecov.sh

@@ -1,5 +1,5 @@
 #!/usr/bin/env bash
-CC_WRAPPER_VERSION="0.0.30"
+CC_WRAPPER_VERSION="0.1.0"
 set +u
 say() {
   echo -e "$1"
@@ -47,53 +47,58 @@ say "     _____          _
                                   "
 CC_VERSION="${CC_VERSION:-latest}"
 CC_FAIL_ON_ERROR="${CC_FAIL_ON_ERROR:-false}"
+CC_RUN_CMD="${CC_RUN_CMD:-upload-coverage}"
 if [ -n "$CC_BINARY" ];
 then
   if [ -f "$CC_BINARY" ];
   then
     cc_filename=$CC_BINARY
+    cc_command=$CC_BINARY
   else
     exit_if_error "Could not find binary file $CC_BINARY"
   fi
+elif [ "$CC_USE_PYPI" == "true" ];
+then
+  if ! pip install codecov-cli"$([ "$CC_VERSION" == "latest" ] && echo "" || echo "==$CC_VERSION" )"; then
+    exit_if_error "Could not install via pypi."
+    exit
+  fi
+  cc_command="codecovcli"
 else
   if [ -n "$CC_OS" ];
   then
     say "$g==>$x Overridden OS: $b${CC_OS}$x"
-    export cc_os=${CC_OS}
   else
-    CC_OS="linux"
+    CC_OS="windows"
     family=$(uname -s | tr '[:upper:]' '[:lower:]')
-    cc_os="windows"
-    [[ $family == "darwin" ]] && cc_os="macos"
-    [[ $family == "linux" ]] && cc_os="linux"
-    [[ $cc_os == "linux" ]] && \
+    [[ $family == "darwin" ]] && CC_OS="macos"
+    [[ $family == "linux" ]] && CC_OS="linux"
+    [[ $CC_OS == "linux" ]] && \
       osID=$(grep -e "^ID=" /etc/os-release | cut -c4-)
-    [[ $osID == "alpine" ]] && cc_os="alpine"
-    [[ $(arch) == "aarch64" && $family == "linux" ]] && cc_os+="-arm64"
-    say "$g==>$x Detected $b${cc_os}$x"
-    export cc_os=${cc_os}
+    [[ $osID == "alpine" ]] && CC_OS="alpine"
+    [[ $(arch) == "aarch64" && $family == "linux" ]] && CC_OS+="-arm64"
+    say "$g==>$x Detected $b${CC_OS}$x"
   fi
-  export cc_version=${CC_VERSION}
   cc_filename="codecov"
-  [[ $cc_os == "windows" ]] && cc_filename+=".exe"
-  export cc_filename=${cc_filename}
-  [[ $cc_os == "macos" ]]  && \
+  [[ $CC_OS == "windows" ]] && cc_filename+=".exe"
+  cc_command="./$cc_filename"
+  [[ $CC_OS == "macos" ]]  && \
     ! command -v gpg 2>&1 >/dev/null && \
     HOMEBREW_NO_AUTO_UPDATE=1 brew install gpg
   cc_url="https://cli.codecov.io"
   cc_url="$cc_url/${CC_VERSION}"
-  cc_url="$cc_url/${cc_os}/${cc_filename}"
+  cc_url="$cc_url/${CC_OS}/${cc_filename}"
   say "$g ->$x Downloading $b${cc_url}$x"
-  curl -Os "$cc_url"
-  say "$g==>$x Finishing downloading $b${cc_os}:${CC_VERSION}$x"
-  version_url="https://cli.codecov.io/api/${cc_os}/${CC_VERSION}"
-  version=$(curl -s "$version_url" -H "Accept:application/json" | jq -r '.version')
+  curl -O --retry 5 --retry-delay 2 "$cc_url"
+  say "$g==>$x Finishing downloading $b${CC_OS}:${CC_VERSION}$x"
+  version_url="https://cli.codecov.io/api/${CC_OS}/${CC_VERSION}"
+  version=$(curl -s "$version_url" -H "Accept:application/json" | tr \{ '\n' | tr , '\n' | tr \} '\n' | grep "\"version\"" | awk  -F'"' '{print $4}' | tail -1)
   say "      Version: $b$version$x"
   say " "
 fi
-if [ "$CC_SKIP_VALIDATION" = "true" ] || [ -n "$CC_BINARY" ];
+if [ "$CC_SKIP_VALIDATION" == "true" ] || [ -n "$CC_BINARY" ] || [ "$CC_USE_PYPI" == "true" ];
 then
-  say "$r==>$x Bypassing validation as requested by user"
+  say "$r==>$x Bypassing validation..."
 else
 CC_PUBLIC_PGP_KEY=$(curl -s https://keybase.io/codecovsecurity/pgp_keys.asc)
   echo "${CC_PUBLIC_PGP_KEY}"  | \
@@ -101,7 +106,7 @@ CC_PUBLIC_PGP_KEY=$(curl -s https://keybase.io/codecovsecurity/pgp_keys.asc)
   # One-time step
   say "$g==>$x Verifying GPG signature integrity"
   sha_url="https://cli.codecov.io"
-  sha_url="${sha_url}/${cc_version}/${cc_os}"
+  sha_url="${sha_url}/${CC_VERSION}/${CC_OS}"
   sha_url="${sha_url}/${cc_filename}.SHA256SUM"
   say "$g ->$x Downloading $b${sha_url}$x"
   say "$g ->$x Downloading $b${sha_url}.sig$x"
@@ -119,6 +124,16 @@ CC_PUBLIC_PGP_KEY=$(curl -s https://keybase.io/codecovsecurity/pgp_keys.asc)
   fi
   say "$g==>$x CLI integrity verified"
   say
+  chmod +x "$cc_command"
+fi
+if [ -n "$CC_BINARY_LOCATION" ];
+then
+  mkdir -p "$CC_BINARY_LOCATION" && mv "$cc_filename" $_
+  say "$g==>$x Codecov binary moved to ${CC_BINARY_LOCATION}"
+fi
+if [ "$CC_DOWNLOAD_ONLY" = "true" ];
+then
+  say "$g==>$x Codecov download only called. Exiting..."
 fi
 cc_cli_args=()
 cc_cli_args+=( $(k_arg AUTO_LOAD_PARAMS_FROM) $(v_arg AUTO_LOAD_PARAMS_FROM))
@@ -128,71 +143,8 @@ then
   cc_cli_args+=( "--codecov-yml-path" )
   cc_cli_args+=( "$CC_YML_PATH" )
 fi
+cc_cli_args+=( $(write_truthy_args CC_DISABLE_TELEM) )
 cc_cli_args+=( $(write_truthy_args CC_VERBOSE) )
-cc_uc_args=()
-# Args for create commit
-cc_uc_args+=( $(write_truthy_args CC_FAIL_ON_ERROR) )
-cc_uc_args+=( $(k_arg GIT_SERVICE) $(v_arg GIT_SERVICE))
-cc_uc_args+=( $(k_arg PARENT_SHA) $(v_arg PARENT_SHA))
-cc_uc_args+=( $(k_arg PR) $(v_arg PR))
-cc_uc_args+=( $(k_arg SHA) $(v_arg SHA))
-cc_uc_args+=( $(k_arg SLUG) $(v_arg SLUG))
-# Args for create report
-cc_uc_args+=( $(k_arg CODE) $(v_arg CODE))
-# Args for do upload
-cc_uc_args+=( $(k_arg ENV) $(v_arg ENV))
-OLDIFS=$IFS;IFS=,
-cc_uc_args+=( $(k_arg BRANCH) $(v_arg BRANCH))
-cc_uc_args+=( $(k_arg BUILD) $(v_arg BUILD))
-cc_uc_args+=( $(k_arg BUILD_URL) $(v_arg BUILD_URL))
-cc_uc_args+=( $(k_arg DIR) $(v_arg DIR))
-cc_uc_args+=( $(write_truthy_args CC_DISABLE_FILE_FIXES) )
-cc_uc_args+=( $(write_truthy_args CC_DISABLE_SEARCH) )
-cc_uc_args+=( $(write_truthy_args CC_DRY_RUN) )
-if [ -n "$CC_EXCLUDES" ];
-then
-  for directory in $CC_EXCLUDES; do
-    cc_uc_args+=( "--exclude" "$directory" )
-  done
-fi
-if [ -n "$CC_FILES" ];
-then
-  for file in $CC_FILES; do
-    cc_uc_args+=( "--file" "$file" )
-  done
-fi
-if [ -n "$CC_FLAGS" ];
-then
-  for flag in $CC_FLAGS; do
-    cc_uc_args+=( "--flag" "$flag" )
-  done
-fi
-cc_uc_args+=( $(k_arg GCOV_ARGS) $(v_arg GCOV_ARGS))
-cc_uc_args+=( $(k_arg GCOV_EXECUTABLE) $(v_arg GCOV_EXECUTABLE))
-cc_uc_args+=( $(k_arg GCOV_IGNORE) $(v_arg GCOV_IGNORE))
-cc_uc_args+=( $(k_arg GCOV_INCLUDE) $(v_arg GCOV_INCLUDE))
-cc_uc_args+=( $(write_truthy_args CC_HANDLE_NO_REPORTS_FOUND) )
-cc_uc_args+=( $(k_arg JOB_CODE) $(v_arg JOB_CODE))
-cc_uc_args+=( $(write_truthy_args CC_LEGACY) )
-if [ -n "$CC_NAME" ];
-then
-  cc_uc_args+=( "--name" "$CC_NAME" )
-fi
-cc_uc_args+=( $(k_arg NETWORK_FILTER) $(v_arg NETWORK_FILTER))
-cc_uc_args+=( $(k_arg NETWORK_PREFIX) $(v_arg NETWORK_PREFIX))
-cc_uc_args+=( $(k_arg NETWORK_ROOT_FOLDER) $(v_arg NETWORK_ROOT_FOLDER))
-if [ -n "$CC_PLUGINS" ];
-then
-  for plugin in $CC_PLUGINS; do
-    cc_uc_args+=( "--plugin" "$plugin" )
-  done
-fi
-cc_uc_args+=( $(k_arg REPORT_TYPE) $(v_arg REPORT_TYPE))
-cc_uc_args+=( $(k_arg SWIFT_PROJECT) $(v_arg SWIFT_PROJECT))
-IFS=$OLDIFS
-unset NODE_OPTIONS
-# See https://github.com/codecov/uploader/issues/475
-chmod +x $cc_filename
 if [ -n "$CC_TOKEN_VAR" ];
 then
   token="$(eval echo \$$CC_TOKEN_VAR)"
@@ -207,13 +159,100 @@ then
   token_str+=" -t <redacted>"
   token_arg+=( " -t " "$token")
 fi
-say "$g==>$x Running upload-coverage"
-say "      $b./$cc_filename $(echo "${cc_cli_args[@]}") upload-coverage$token_str $(echo "${cc_uc_args[@]}")$x"
-if ! ./$cc_filename \
-  ${cc_cli_args[*]} \
-  upload-coverage \
-  ${token_arg[*]} \
-  "${cc_uc_args[@]}";
+if [ "$CC_RUN_CMD" == "upload-coverage" ]; then
+cc_args=()
+# Args for create commit
+cc_args+=( $(write_truthy_args CC_FAIL_ON_ERROR) )
+cc_args+=( $(k_arg GIT_SERVICE) $(v_arg GIT_SERVICE))
+cc_args+=( $(k_arg PARENT_SHA) $(v_arg PARENT_SHA))
+cc_args+=( $(k_arg PR) $(v_arg PR))
+cc_args+=( $(k_arg SHA) $(v_arg SHA))
+cc_args+=( $(k_arg SLUG) $(v_arg SLUG))
+# Args for create report
+cc_args+=( $(k_arg CODE) $(v_arg CODE))
+# Args for do upload
+cc_args+=( $(k_arg ENV) $(v_arg ENV))
+OLDIFS=$IFS;IFS=,
+cc_args+=( $(k_arg BRANCH) $(v_arg BRANCH))
+cc_args+=( $(k_arg BUILD) $(v_arg BUILD))
+cc_args+=( $(k_arg BUILD_URL) $(v_arg BUILD_URL))
+cc_args+=( $(k_arg DIR) $(v_arg DIR))
+cc_args+=( $(write_truthy_args CC_DISABLE_FILE_FIXES) )
+cc_args+=( $(write_truthy_args CC_DISABLE_SEARCH) )
+cc_args+=( $(write_truthy_args CC_DRY_RUN) )
+if [ -n "$CC_EXCLUDES" ];
 then
-  exit_if_error "Failed to upload coverage"
+  for directory in $CC_EXCLUDES; do
+    cc_args+=( "--exclude" "$directory" )
+  done
+fi
+if [ -n "$CC_FILES" ];
+then
+  for file in $CC_FILES; do
+    cc_args+=( "--file" "$file" )
+  done
+fi
+if [ -n "$CC_FLAGS" ];
+then
+  for flag in $CC_FLAGS; do
+    cc_args+=( "--flag" "$flag" )
+  done
+fi
+cc_args+=( $(k_arg GCOV_ARGS) $(v_arg GCOV_ARGS))
+cc_args+=( $(k_arg GCOV_EXECUTABLE) $(v_arg GCOV_EXECUTABLE))
+cc_args+=( $(k_arg GCOV_IGNORE) $(v_arg GCOV_IGNORE))
+cc_args+=( $(k_arg GCOV_INCLUDE) $(v_arg GCOV_INCLUDE))
+cc_args+=( $(write_truthy_args CC_HANDLE_NO_REPORTS_FOUND) )
+cc_args+=( $(k_arg JOB_CODE) $(v_arg JOB_CODE))
+cc_args+=( $(write_truthy_args CC_LEGACY) )
+if [ -n "$CC_NAME" ];
+then
+  cc_args+=( "--name" "$CC_NAME" )
+fi
+cc_args+=( $(k_arg NETWORK_FILTER) $(v_arg NETWORK_FILTER))
+cc_args+=( $(k_arg NETWORK_PREFIX) $(v_arg NETWORK_PREFIX))
+cc_args+=( $(k_arg NETWORK_ROOT_FOLDER) $(v_arg NETWORK_ROOT_FOLDER))
+if [ -n "$CC_PLUGINS" ];
+then
+  for plugin in $CC_PLUGINS; do
+    cc_args+=( "--plugin" "$plugin" )
+  done
+fi
+cc_args+=( $(k_arg REPORT_TYPE) $(v_arg REPORT_TYPE))
+cc_args+=( $(k_arg SWIFT_PROJECT) $(v_arg SWIFT_PROJECT))
+IFS=$OLDIFS
+elif [ "$CC_RUN_CMD" == "empty-upload" ]; then
+cc_args=()
+cc_args+=( $(write_truthy_args CC_FAIL_ON_ERROR) )
+cc_args+=( $(write_truthy_args CC_FORCE) )
+cc_args+=( $(k_arg GIT_SERVICE) $(v_arg GIT_SERVICE))
+cc_args+=( $(k_arg SHA) $(v_arg SHA))
+cc_args+=( $(k_arg SLUG) $(v_arg SLUG))
+elif [ "$CC_RUN_CMD" == "pr-base-picking" ]; then
+cc_args=()
+cc_args+=( $(k_arg BASE_SHA) $(v_arg BASE_SHA))
+cc_args+=( $(k_arg PR) $(v_arg PR))
+cc_args+=( $(k_arg SLUG) $(v_arg SLUG))
+cc_args+=( $(k_arg SERVICE) $(v_arg SERVICE))
+elif [ "$CC_RUN_CMD" == "send-notifications" ]; then
+cc_args=()
+cc_args+=( $(k_arg SHA) $(v_arg SHA))
+cc_args+=( $(write_truthy_args CC_FAIL_ON_ERROR) )
+cc_args+=( $(k_arg GIT_SERVICE) $(v_arg GIT_SERVICE))
+cc_args+=( $(k_arg SLUG) $(v_arg SLUG))
+else
+  exit_if_error "Invalid run command specified: $CC_RUN_CMD"
+  exit
+fi
+unset NODE_OPTIONS
+# See https://github.com/codecov/uploader/issues/475
+say "$g==>$x Running $CC_RUN_CMD"
+say "      $b$cc_command $(echo "${cc_cli_args[@]}")$CC_RUN_CMD$token_str $(echo "${cc_args[@]}")$x"
+if ! $cc_command \
+  ${cc_cli_args[*]} \
+  ${CC_RUN_CMD} \
+  ${token_arg[*]} \
+  "${cc_args[@]}";
+then
+  exit_if_error "Failed to run $CC_RUN_CMD"
 fi

src/version

@@ -1 +1 @@
-CODECOV_ACTION_VERSION="5.1.1"
+5.3.1