fix: try skip validation

Co-authored-by: codecov-releaser <devops+releaser@codecov.io>

.github/dependabot.yml

@@ -0,0 +1,12 @@
+version: 2
+updates:
+- package-ecosystem: npm
+  directory: /
+  schedule:
+    interval: daily
+  open-pull-requests-limit: 10
+- package-ecosystem: github-actions
+  directory: /
+  schedule:
+    interval: weekly
+  open-pull-requests-limit: 10

.github/workflows/codeql-analysis.yml

@@ -0,0 +1,69 @@
+
+#
+# You may wish to alter this file to override the set of languages analyzed,
+# or to provide custom queries or build logic.
+#
+# ******** NOTE ********
+# We have attempted to detect the languages in your repository. Please check
+# the `language` matrix defined below to confirm you have the correct set of
+# supported CodeQL languages.
+#
+name: "CodeQL"
+
+on:
+  push:
+    branches: [ main ]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [ main ]
+  schedule:
+    - cron: '24 6 * * 5'
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ 'javascript' ]
+        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
+        # Learn more about CodeQL language support at https://git.io/codeql-language-support
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v4.2.2
+
+    # Initializes the CodeQL tools for scanning.
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v3.27.9
+      with:
+        languages: ${{ matrix.language }}
+        # If you wish to specify custom queries, you can do so here or in a config file.
+        # By default, queries listed here will override any specified in a config file.
+        # Prefix the list here with "+" to use these queries and those in the config file.
+        # queries: ./path/to/local/query, your-org/your-repo/queries@main
+
+    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
+    # If this step fails, then you should remove it and run the build manually (see below)
+    - name: Autobuild
+      uses: github/codeql-action/autobuild@v3.27.9
+
+    # ℹ️ Command-line programs to run using the OS shell.
+    # 📚 https://git.io/JvXDl
+
+    # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
+    #    and modify them (or add more) to build your code if your project
+    #    uses a compiled language
+
+    #- run: |
+    #   make bootstrap
+    #   make release
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v3.27.9

.github/workflows/enforce-license-compliance.yml

@@ -0,0 +1,14 @@
+name: Enforce License Compliance
+
+on:
+  pull_request:
+    branches: [main]
+
+jobs:
+  enforce-license-compliance:
+    runs-on: ubuntu-latest
+    steps:
+      - name: 'Enforce License Compliance'
+        uses: getsentry/action-enforce-license-compliance@57ba820387a1a9315a46115ee276b2968da51f3d # main
+        with:
+          fossa_api_key: ${{ secrets.FOSSA_API_KEY }}

.github/workflows/main.yml

@@ -1,27 +1,136 @@
+---
 name: Workflow for Codecov Action
 on: [push, pull_request]
+permissions:
+  id-token: write
+  contents: read
 jobs:
   run:
-    runs-on: ubuntu-latest
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        os: [macos-latest, windows-latest, ubuntu-latest]
     steps:
       - name: Checkout
-        uses: actions/checkout@master
+        uses: actions/checkout@v4.2.2
+        with:
+          submodules: 'true'
       - name: Install dependencies
-        run: npm install
+        run: pip install -r src/scripts/app/requirements.txt
       - name: Run tests and collect coverage
-        run: yarn run test-all
-      - name: Upload coverage to Codecov
+        run: pytest src/scripts/app/ --cov
+      - name: Upload coverage to Codecov (script)
         uses: ./
         with:
-          files: ./coverage/calculator/coverage-final.json,./coverage/index/coverage-final.json
-          file: ./coverage/coverage-final.json
-          flags: unittest
-          name: codecov-1
-      - name: Upload coverage to Codecov (verbose)
-        uses: ./
-        with:
-          files: ./coverage/calculator/coverage-final.json,./coverage/index/coverage-final.json
-          file: ./coverage/coverage-final.json
-          flags: unittest
-          name: codecov-1
+          fail_ci_if_error: true
+          files: ./coverage/script/coverage-final.json
+          flags: script-${{ matrix.os }}
+          name: codecov-script
           verbose: true
+          skip_validation: true
+          token: ${{ secrets.CODECOV_TOKEN }}
+      - name: Upload coverage to Codecov (demo)
+        uses: ./
+        with:
+          fail_ci_if_error: true
+          files: ./coverage/calculator/coverage-final.json,./coverage/coverage-test/coverage-final.json,./coverage/coverage-final.json
+          flags: demo-${{ matrix.os }}
+          name: codecov-demo
+          verbose: true
+          token: ${{ secrets.CODECOV_TOKEN }}
+      - name: Upload coverage to Codecov (version)
+        uses: ./
+        with:
+          fail_ci_if_error: true
+          files: ./coverage/calculator/coverage-final.json,./coverage/coverage-test/coverage-final.json,./coverage/coverage-final.json
+          flags: version-${{ matrix.os }}
+          name: codecov-version
+          version: v9.1.0
+          verbose: true
+          token: ${{ secrets.CODECOV_TOKEN }}
+
+  run-macos-latest-xlarge:
+    if: github.head.repo.full_name == 'codecov/codecov-action'
+    runs-on: macos-latest-xlarge
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4.2.2
+        with:
+          submodules: 'true'
+      - name: Install dependencies
+        run: pip install -r src/scripts/app/requirements.txt
+      - name: Run tests and collect coverage
+        run: pytest src/scripts/app/ --cov
+      - name: Upload coverage to Codecov (script)
+        uses: ./
+        with:
+          fail_ci_if_error: true
+          files: ./coverage/script/coverage-final.json
+          flags: script-macos-latest-xlarge
+          name: codecov-script
+          verbose: true
+          token: ${{ secrets.CODECOV_TOKEN }}
+      - name: Upload coverage to Codecov (demo)
+        uses: ./
+        with:
+          fail_ci_if_error: true
+          files: ./coverage/calculator/coverage-final.json,./coverage/coverage-test/coverage-final.json,./coverage/coverage-final.json
+          flags: demo-macos-latest-xlarge
+          name: codecov-demo
+          verbose: true
+          token: ${{ secrets.CODECOV_TOKEN }}
+      - name: Upload coverage to Codecov (oidc)
+        uses: ./
+        with:
+          files: ./coverage/script/coverage-final.json
+          flags: script-${{ matrix.os }}
+          name: codecov-script
+          use_oidc: true
+          verbose: true
+      - name: Upload coverage to Codecov (version)
+        uses: ./
+        with:
+          fail_ci_if_error: true
+          files: ./coverage/calculator/coverage-final.json,./coverage/coverage-test/coverage-final.json,./coverage/coverage-final.json
+          flags: version-maxos-latest-xlarge
+          name: codecov-version
+          version: v9.1.0
+          verbose: true
+          token: ${{ secrets.CODECOV_TOKEN }}
+
+  run-container:
+    runs-on: ubuntu-latest
+    container: python:latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4.2.2
+        with:
+          submodules: 'true'
+      - name: Install deps
+        run: |
+          apt-get install git
+      - name: Upload coverage to Codecov (script)
+        uses: ./
+        with:
+          files: ./coverage/script/coverage-final.json
+          flags: script-${{ matrix.os }}
+          name: codecov-script
+          verbose: true
+          token: ${{ secrets.CODECOV_TOKEN }}
+      - name: Upload coverage to Codecov (demo)
+        uses: ./
+        with:
+          files: ./coverage/calculator/coverage-final.json,./coverage/coverage-test/coverage-final.json,./coverage/coverage-final.json
+          flags: demo-${{ matrix.os }}
+          name: codecov-demo
+          verbose: true
+          token: ${{ secrets.CODECOV_TOKEN }}
+      - name: Upload coverage to Codecov (version)
+        uses: ./
+        with:
+          files: ./coverage/calculator/coverage-final.json,./coverage/coverage-test/coverage-final.json,./coverage/coverage-final.json
+          flags: version-${{ matrix.os }}
+          name: codecov-version
+          version: v9.1.0
+          verbose: true
+          token: ${{ secrets.CODECOV_TOKEN }}

.github/workflows/scorecards-analysis.yml

@@ -0,0 +1,62 @@
+name: Scorecards supply-chain security
+on:
+  # Only the default branch is supported.
+  branch_protection_rule:
+  schedule:
+    - cron: '43 20 * * 1'
+  push:
+    branches: [ main ]
+
+# Declare default permissions as read only.
+permissions: read-all
+
+jobs:
+  analysis:
+    if: github.repository == 'codecov/codecov-action'
+    name: Scorecards analysis
+    runs-on: ubuntu-latest
+    permissions:
+      # Needed to upload the results to code-scanning dashboard.
+      security-events: write
+      # Used to receive a badge. (Upcoming feature)
+      id-token: write
+      actions: read
+      contents: read
+
+    steps:
+      - name: "Checkout code"
+        uses: actions/checkout@v4.2.2 # v3.0.0
+        with:
+          persist-credentials: false
+
+      - name: "Run analysis"
+        uses: ossf/scorecard-action@62b2cac7ed8198b15735ed49ab1e5cf35480ba46 # v2.4.0
+        with:
+          results_file: results.sarif
+          results_format: sarif
+          # (Optional) Read-only PAT token. Uncomment the `repo_token` line below if:
+          # - you want to enable the Branch-Protection check on a *public* repository, or
+          # - you are installing Scorecards on a *private* repository
+          # To create the PAT, follow the steps in https://github.com/ossf/scorecard-action#authentication-with-pat.
+          # repo_token: ${{ secrets.SCORECARD_READ_TOKEN }}
+
+          # Publish the results for public repositories to enable scorecard badges. For more details, see
+          # https://github.com/ossf/scorecard-action#publishing-results.
+          # For private repositories, `publish_results` will automatically be set to `false`, regardless
+          # of the value entered here.
+          publish_results: true
+
+      # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
+      # format to the repository Actions tab.
+      - name: "Upload artifact"
+        uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
+        with:
+          name: SARIF file
+          path: results.sarif
+          retention-days: 5
+
+      # Upload the results to GitHub's code scanning dashboard.
+      - name: "Upload to code-scanning"
+        uses: github/codeql-action/upload-sarif@v3.27.9 # v1.0.26
+        with:
+          sarif_file: results.sarif

.gitmodules

@@ -0,0 +1,4 @@
+[submodule "src/scripts"]
+	path = src/scripts
+	url = https://github.com/codecov/wrapper
+	branch = main

Makefile

@@ -0,0 +1,7 @@
+deploy:
+	$(eval VERSION := $(shell cat src/version))
+	git tag -d v5
+	git push origin :v5
+	git tag v5
+	git tag v$(VERSION) -s -m ""
+	git push origin --tags

README.md

@@ -1,52 +1,153 @@
 # Codecov GitHub Action
 
-[![GitHub Marketplace](https://img.shields.io/badge/Marketplace-v1-undefined.svg?logo=github&logoColor=white&style=flat)](https://github.com/marketplace/actions/codecov)
+[![GitHub Marketplace](https://img.shields.io/badge/Marketplace-v5-undefined.svg?logo=github&logoColor=white&style=flat)](https://github.com/marketplace/actions/codecov)
 [![FOSSA Status](https://app.fossa.com/api/projects/git%2Bgithub.com%2Fcodecov%2Fcodecov-action.svg?type=shield)](https://app.fossa.com/projects/git%2Bgithub.com%2Fcodecov%2Fcodecov-action?ref=badge_shield)
+[![Workflow for Codecov Action](https://github.com/codecov/codecov-action/actions/workflows/main.yml/badge.svg)](https://github.com/codecov/codecov-action/actions/workflows/main.yml)
 ### Easily upload coverage reports to Codecov from GitHub Actions
 
->The latest release of this Action adds support for tokenless uploads from GitHub Actions!
+## v5 Release
+`v5` of the Codecov GitHub Action will use the [Codecov Wrapper](https://github.com/codecov/wrapper) to encapsulate the [CLI](https://github.com/codecov/codecov-cli). This will help ensure that the Action gets updates quicker.
+
+### Migration Guide
+The `v5` release also coincides with the opt-out feature for tokens for public repositories. In the `Global Upload Token` section of the settings page of an organization in codecov.io, you can set the ability for Codecov to receive a coverage reports from any source. This will allow contributors or other members of a repository to upload without needing access to the Codecov token. For more details see [how to upload without a token](https://docs.codecov.com/docs/codecov-tokens#uploading-without-a-token).
+
+> [!WARNING]
+> **The following arguments have been changed**
+> - `file` (this has been deprecated in favor of `files`)
+> - `plugin` (this has been deprecated in favor of `plugins`)
+
+The following arguments have been added:
+
+- `binary`
+- `gcov_args`
+- `gcov_executable`
+- `gcov_ignore`
+- `gcov_include`
+- `report_type`
+- `skip_validation`
+- `swift_project`
+
+You can see their usage in the `action.yml` [file](https://github.com/codecov/codecov-action/blob/main/action.yml).
+
+## v4 Release
+`v4` of the Codecov GitHub Action will use the [Codecov CLI](https://github.com/codecov/codecov-cli) to upload coverage reports to Codecov.
+
+### Breaking Changes
+- Tokenless uploading is unsupported. However, PRs made from forks to the upstream public repos will support tokenless (e.g. contributors to OSS projects do not need the upstream repo's Codecov token). For details, [see our docs](https://docs.codecov.com/docs/codecov-uploader#supporting-token-less-uploads-for-forks-of-open-source-repos-using-codecov)
+- Various arguments to the Action have been removed
+
+### Dependabot
+- For repositories using `Dependabot`, users will need to ensure that it has access to the Codecov token for PRs from Dependabot to upload coverage. To do this, please add your `CODECOV_TOKEN` as a Dependabot Secret. For more information, see ["Configuring access to private registries for Dependabot."](https://docs.github.com/en/code-security/dependabot/working-with-dependabot/configuring-access-to-private-registries-for-dependabot#storing-credentials-for-dependabot-to-use)
+
+`v3` versions and below will not have access to CLI features (e.g. global upload token, ATS).
 
 ## Usage
 
-To integrate Codecov with your Actions pipeline, specify the name of this repository with a tag number (`@v1` is recommended) as a `step` within your `workflow.yml` file.
+To integrate Codecov with your Actions pipeline, specify the name of this repository with a tag number (`@v5` is recommended) as a `step` within your `workflow.yml` file.
 
-If you have a *private repository*, this Action also requires you to [provide an upload token](https://docs.codecov.io/docs/frequently-asked-questions#section-where-is-the-repository-upload-token-found-) from [codecov.io](https://www.codecov.io) (tip: in order to avoid exposing your token, store it as a `secret`). Optionally, you can choose to include up to four additional inputs to customize the upload context. **For public repositories, no token is needed**
+This Action also requires you to [provide an upload token](https://docs.codecov.io/docs/frequently-asked-questions#section-where-is-the-repository-upload-token-found-) from [codecov.io](https://www.codecov.io) (tip: in order to avoid exposing your token, [store it](https://docs.codecov.com/docs/adding-the-codecov-token#github-actions) as a `secret`).
+
+Currently, the Action will identify linux, macos, and windows runners. However, the Action may misidentify other architectures. The OS can be specified as
+- alpine
+- alpine-arm64
+- linux
+- linux-arm64
+- macos
+- windows
 
 Inside your `.github/workflows/workflow.yml` file:
 
 ```yaml
 steps:
-- uses: actions/checkout@master
-- uses: codecov/codecov-action@v1
+- uses: actions/checkout@main
+- uses: codecov/codecov-action@v5
   with:
-    token: ${{ secrets.CODECOV_TOKEN }} # not required for public repos
-    file: ./coverage.xml # optional
+    fail_ci_if_error: true # optional (default = false)
     files: ./coverage1.xml,./coverage2.xml # optional
     flags: unittests # optional
     name: codecov-umbrella # optional
-    fail_ci_if_error: true # optional (default = false)
+    token: ${{ secrets.CODECOV_TOKEN }}
     verbose: true # optional (default = false)
 ```
->**Note**: This assumes that you've set your Codecov token inside *Settings > Secrets* as `CODECOV_TOKEN`. If not, you can [get an upload token](https://docs.codecov.io/docs/frequently-asked-questions#section-where-is-the-repository-upload-token-found-) for your specific repo on [codecov.io](https://www.codecov.io). Keep in mind that secrets are *not* available to forks of repositories.
+
+The Codecov token can also be passed in via environment variables:
+
+```yaml
+steps:
+- uses: actions/checkout@main
+- uses: codecov/codecov-action@v5
+  with:
+    fail_ci_if_error: true # optional (default = false)
+    files: ./coverage1.xml,./coverage2.xml # optional
+    flags: unittests # optional
+    name: codecov-umbrella # optional
+    verbose: true # optional (default = false)
+  env:
+    CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
+```
+> [!NOTE]
+> This assumes that you've set your Codecov token inside *Settings > Secrets* as `CODECOV_TOKEN`. If not, you can [get an upload token](https://docs.codecov.io/docs/frequently-asked-questions#section-where-is-the-repository-upload-token-found-) for your specific repo on [codecov.io](https://www.codecov.io). Keep in mind that secrets are *not* available to forks of repositories.
+
+### Using OIDC
+For users with [OpenID Connect(OIDC) enabled](https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect), the Codecov token is not necessary. You can use OIDC with the `use_oidc` argument as following.
+
+```yaml
+- uses: codecov/codecov-action@v5
+  with:
+    use_oidc: true
+```
+
+Any token supplied will be ignored, as Codecov will default to the OIDC token for verification.
 
 ## Arguments
 
-Codecov's Action currently supports five inputs from the user: `token`, `file`, `flags`,`name`, and `fail_ci_if_error`. These inputs, along with their descriptions and usage contexts, are listed in the table below:
+Codecov's Action supports inputs from the user. These inputs, along with their descriptions and usage contexts, are listed in the table below:
 
->**Update**: We've removed the `yml` parameter with the latest release of this action. Please put your custom codecov yaml file at the root of the repo because other locations will no longer be supported in the future.
-
-| Input  | Description | Usage |
-| :---:     |     :---:   |    :---:   |
-| `token`  | Used to authorize coverage report uploads  | *Required for private repos* |
-| `file`  | Path to the coverage report(s) | Optional
-| `files`  | Comma-separated paths to the coverage report(s) | Optional
-| `directory` | Directory to search for coverage reports. | Optional
-| `flags`  | Flag the upload to group coverage metrics (unittests, uitests, etc.). Multiple flags are separated by a comma (ui,chrome) | Optional
-| `env_vars`  | Environment variables to tag the upload with. Multiple env variables can be separated with commas (e.g. `OS,PYTHON`) | Optional
-| `name`  | Custom defined name for the upload | Optional
-| `fail_ci_if_error`  | Specify if CI pipeline should fail when Codecov runs into errors during upload. *Defaults to **false*** | Optional
-| `path_to_write_report` | Write upload file to path before uploading | Optional
-| `verbose` | Specify whether the Codecov output should be verbose | Optional
+| Input  | Description | Required |
+| :---       |     :---     |    :---:   |
+| `binary` | The file location of a pre-downloaded version of the CLI. If specified, integrity checking will be bypassed. | Optional
+| `codecov_yml_path` | The location of the codecov.yml file. This is crrently ONLY used for automated test selection (https://docs.codecov.com/docs/getting-started-with-ats). Note that for all other cases, the Codecov yaml will need to be located as described here: https://docs.codecov.com/docs/codecov-yaml#can-i-name-the-file-codecovyml | Optional
+| `commit_parent` | SHA (with 40 chars) of what should be the parent of this commit. | Optional
+| `directory` | Folder to search for coverage files. Default to the current working directory | Optional
+| `disable_file_fixes` | Disable file fixes to ignore common lines from coverage (e.g. blank lines or empty brackets). Read more here https://docs.codecov.com/docs/fixing-reports | Optional
+| `disable_search` | Disable search for coverage files. This is helpful when specifying what files you want to upload with the files option. | Optional
+| `disable_safe_directory` | Disable setting safe directory. Set to true to disable. | Optional
+| `dry_run` | Don't upload files to Codecov | Optional
+| `env_vars` | Environment variables to tag the upload with (e.g. PYTHON \| OS,PYTHON) | Optional
+| `exclude` | Comma-separated list of folders to exclude from search. | Optional
+| `fail_ci_if_error` | On error, exit with non-zero code | Optional
+| `files` | Comma-separated explicit list of files to upload. These will be added to the coverage files found for upload. If you wish to only upload the specified files, please consider using "disable-search" to disable uploading other files. | Optional
+| `flags` | Comma-separated list of flags to upload to group coverage metrics. | Optional
+| `git_service` | Override the git_service (e.g. github_enterprise) | Optional
+| `gcov_args` | Extra arguments to pass to gcov | Optional
+| `gcov_executable` | gcov executable to run. Defaults to 'gcov' | Optional
+| `gcov_ignore` | Paths to ignore during gcov gathering | Optional
+| `gcov_include` | Paths to include during gcov gathering | Optional
+| `handle_no_reports_found` | If no coverage reports are found, do not raise an exception. | Optional
+| `job_code` |  | Optional
+| `name` | Custom defined name of the upload. Visible in the Codecov UI | Optional
+| `network_filter` | Specify a filter on the files listed in the network section of the Codecov report. This will only add files whose path begin with the specified filter. Useful for upload-specific path fixing. | Optional
+| `network_prefix` | Specify a prefix on files listed in the network section of the Codecov report. Useful to help resolve path fixing. | Optional
+| `os` | Override the assumed OS. Options available at cli.codecov.io | Optional
+| `override_branch` | Specify the branch to be displayed with this commit on Codecov | Optional
+| `override_build` | Specify the build number manually | Optional
+| `override_build_url` | The URL of the build where this is running | Optional
+| `override_commit` | Commit SHA (with 40 chars) | Optional
+| `override_pr` | Specify the pull request number manually. Used to override pre-existing CI environment variables. | Optional
+| `plugins` | Comma-separated list of plugins to run. Specify `noop` to turn off all plugins | Optional
+| `report_code` | The code of the report if using local upload. If unsure, leave unset. Read more here https://docs.codecov.com/docs/the-codecov-cli#how-to-use-local-upload | Optional
+| `report_type` | The type of file to upload, coverage by default. Possible values are "testing", "coverage". | Optional
+| `root_dir` | Root folder from which to consider paths on the network section. Defaults to current working directory. | Optional
+| `skip_validation` | Skip integrity checking of the CLI. This is NOT recommended. | Optional
+| `slug` | [Required when using the org token] Set to the owner/repo slug used instead of the private repo token. Only applicable to some Enterprise users. | Optional
+| `swift_project` | Specify the swift project name. Useful for optimization. | Optional
+| `token` | Repository Codecov token. Used to authorize report uploads | Optional
+| `url` | Set to the Codecov instance URl. Used by Dedicated Enterprise Cloud customers. | Optional
+| `use_legacy_upload_endpoint` | Use the legacy upload endpoint. | Optional
+| `use_oidc` | Use OIDC instead of token. This will ignore any token supplied | Optional
+| `verbose` | Enable verbose logging | Optional
+| `version` | Which version of the Codecov CLI to use (defaults to 'latest') | Optional
+| `working-directory` | Directory in which to execute codecov.sh | Optional
 
 ### Example `workflow.yml` with Codecov Action
 
@@ -61,30 +162,28 @@ jobs:
         os: [ubuntu-latest, macos-latest, windows-latest]
     env:
       OS: ${{ matrix.os }}
-      PYTHON: '3.7'
+      PYTHON: '3.10'
     steps:
-    - uses: actions/checkout@master
+    - uses: actions/checkout@main
     - name: Setup Python
-      uses: actions/setup-python@master
+      uses: actions/setup-python@main
       with:
-        python-version: 3.7
+        python-version: 3.10
     - name: Generate coverage report
       run: |
         pip install pytest
         pip install pytest-cov
         pytest --cov=./ --cov-report=xml
     - name: Upload coverage to Codecov
-      uses: codecov/codecov-action@v1
+      uses: codecov/codecov-action@v5
       with:
-        token: ${{ secrets.CODECOV_TOKEN }}
-        file: ./coverage.xml
-        files: ./coverage1.xml,./coverage2.xml
         directory: ./coverage/reports/
-        flags: unittests
         env_vars: OS,PYTHON
-        name: codecov-umbrella
         fail_ci_if_error: true
-        path_to_write_report: ./coverage/codecov_report.gz
+        files: ./coverage1.xml,./coverage2.xml,!./cache
+        flags: unittests
+        name: codecov-umbrella
+        token: ${{ secrets.CODECOV_TOKEN }}
         verbose: true
 ```
 ## Contributing
@@ -95,5 +194,4 @@ Contributions are welcome! Check out the [Contribution Guide](CONTRIBUTING.md).
 
 The code in this project is released under the [MIT License](LICENSE).
 
-
 [![FOSSA Status](https://app.fossa.com/api/projects/git%2Bgithub.com%2Fcodecov%2Fcodecov-action.svg?type=large)](https://app.fossa.com/projects/git%2Bgithub.com%2Fcodecov%2Fcodecov-action?ref=badge_large)

action.yml

@@ -1,40 +1,290 @@
+---
+# yamllint disable rule:line-length
 name: 'Codecov'
 description: 'GitHub Action that uploads coverage reports for your repository to codecov.io'
-author: 'Ibrahim Ali <@ibrahim0814> & Thomas Hu <@thomasrockhu> | Codecov'
+author: 'Thomas Hu <@thomasrockhu-codecov> | Codecov'
 inputs:
-  name:
-    description: 'User defined upload name. Visible in Codecov UI'
+  binary:
+    description: 'The file location of a pre-downloaded version of the CLI. If specified, integrity checking will be bypassed.'
     required: false
-  token:
-    description: 'Repository upload token - get it from codecov.io. Required only for private repositories'
+  codecov_yml_path:
+    description: 'The location of the codecov.yml file. This is crrently ONLY used for automated test selection (https://docs.codecov.com/docs/getting-started-with-ats). Note that for all other cases, the Codecov yaml will need to be located as described here: https://docs.codecov.com/docs/codecov-yaml#can-i-name-the-file-codecovyml'
     required: false
-  file:
-    description: 'Path to coverage file to upload'
-    required: false
-  files:
-    description: 'Comma-separated list of files to upload'
+  commit_parent:
+    description: 'SHA (with 40 chars) of what should be the parent of this commit.'
     required: false
   directory:
-    description: 'Directory to search for coverage reports.'
+    description: 'Folder to search for coverage files. Default to the current working directory'
     required: false
-  flags:
-    description: 'Flag upload to group coverage metrics (e.g. unittests | integration | ui,chrome)'
+  disable_file_fixes:
+    description: 'Disable file fixes to ignore common lines from coverage (e.g. blank lines or empty brackets). Read more here https://docs.codecov.com/docs/fixing-reports'
     required: false
-  path_to_write_report:
-    description: 'Write upload file to path before uploading'
+    default: 'false'
+  disable_search:
+    description: 'Disable search for coverage files. This is helpful when specifying what files you want to upload with the files option.'
     required: false
+    default: 'false'
+  disable_safe_directory:
+    description: 'Disable setting safe directory. Set to true to disable.'
+    required: false
+    default: 'false'
+  disable_telem:
+    description: 'Disable sending telemetry data to Codecov. Set to true to disable.'
+    required: false
+    default: 'false'
+  dry_run:
+    description: "Don't upload files to Codecov"
+    required: false
+    default: 'false'
   env_vars:
     description: 'Environment variables to tag the upload with (e.g. PYTHON | OS,PYTHON)'
     required: false
+  exclude:
+    description: 'Comma-separated list of folders to exclude from search.'
+    required: false
   fail_ci_if_error:
-    description: 'Specify whether or not CI build should fail if Codecov runs into an error during upload'
+    description: 'On error, exit with non-zero code'
     required: false
+    default: 'false'
+  files:
+    description: 'Comma-separated list of explicit files to upload. These will be added to the coverage files found for upload. If you wish to only upload the specified files, please consider using disable-search to disable uploading other files.'
+    required: false
+  flags:
+    description: 'Comma-separated list of flags to upload to group coverage metrics.'
+    required: false
+  git_service:
+    description: 'Override the git_service (e.g. github_enterprise)'
+    required: false
+    default: 'github'
+  gcov_args:
+    description: 'Extra arguments to pass to gcov'
+    required: false
+  gcov_executable:
+    description: "gcov executable to run. Defaults to 'gcov'"
+    required: false
+    default: 'gcov'
+  gcov_ignore:
+    description: 'Paths to ignore during gcov gathering'
+    required: false
+  gcov_include:
+    description: "Paths to include during gcov gathering"
+    required: false
+  handle_no_reports_found:
+    description: 'If no coverage reports are found, do not raise an exception.'
+    required: false
+    default: 'false'
+  job_code:
+    description: ''
+    required: false
+  name:
+    description: 'Custom defined name of the upload. Visible in the Codecov UI'
+    required: false
+  network_filter:
+    description: 'Specify a filter on the files listed in the network section of the Codecov report. This will only add files whose path begin with the specified filter. Useful for upload-specific path fixing.'
+    required: false
+  network_prefix:
+    description: 'Specify a prefix on files listed in the network section of the Codecov report. Useful to help resolve path fixing.'
+    required: false
+  os:
+    description: 'Override the assumed OS. Options available at cli.codecov.io'
+    required: false
+  override_branch:
+    description: 'Specify the branch to be displayed with this commit on Codecov'
+    required: false
+  override_build:
+    description: 'Specify the build number manually'
+    required: false
+  override_build_url:
+    description: 'The URL of the build where this is running'
+    required: false
+  override_commit:
+    description: 'Commit SHA (with 40 chars)'
+    required: false
+  override_pr:
+    description: 'Specify the pull request number manually. Used to override pre-existing CI environment variables.'
+    required: false
+  plugins:
+    description: 'Comma-separated list of plugins to run. Specify `noop` to turn off all plugins'
+    required: false
+  report_code:
+    description: 'The code of the report if using local upload. If unsure, leave default. Read more here https://docs.codecov.com/docs/the-codecov-cli#how-to-use-local-upload'
+    required: false
+  report_type:
+    description: 'The type of file to upload, coverage by default. Possible values are "testing", "coverage".'
+    required: false
+  root_dir:
+    description: 'Root folder from which to consider paths on the network section. Defaults to current working directory.'
+    required: false
+  skip_validation:
+    description: 'Skip integrity checking of the CLI. This is NOT recommended.'
+    required: false
+    default: 'false'
+  slug:
+    description: '[Required when using the org token] Set to the owner/repo slug used instead of the private repo token. Only applicable to some Enterprise users.'
+    required: false
+  swift_project:
+    description: 'Specify the swift project name. Useful for optimization.'
+    required: false
+  token:
+    description: 'Repository Codecov token. Used to authorize report uploads'
+    required: false
+  url:
+    description: 'Set to the Codecov instance URl. Used by Dedicated Enterprise Cloud customers.'
+    required: false
+  use_legacy_upload_endpoint:
+    description: 'Use the legacy upload endpoint.'
+    required: false
+    default: 'false'
+  use_oidc:
+    description: 'Use OIDC instead of token. This will ignore any token supplied'
+    required: false
+    default: 'false'
   verbose:
-    description: 'Specify whether the Codecov output should be verbose'
+    description: 'Enable verbose logging'
     required: false
+    default: 'false'
+  version:
+    description: "Which version of the Codecov CLI to use (defaults to 'latest')"
+    required: false
+    default: 'latest'
+  working-directory:
+    description: 'Directory in which to execute codecov.sh'
+    required: false
+
 branding:
   color: 'red'
   icon: 'umbrella'
+
 runs:
-  using: 'node12'
-  main: 'dist/index.js'
+  using: "composite"
+  steps:
+    - name: Action version
+      shell: bash
+      run: |
+        CC_ACTION_VERSION=$(cat ${GITHUB_ACTION_PATH}/src/version)
+        echo -e "\033[0;32m==>\033[0m Running Action version $CC_ACTION_VERSION"
+    - name: Set safe directory
+      if: ${{ inputs.disable_safe_directory != 'true' }}
+      shell: bash
+      run: |
+        git config --global --add safe.directory ${{ github.workspace }}
+
+    - name: Set fork
+      shell: bash
+      run: |
+        CC_FORK="false"
+        if [ -n "$GITHUB_EVENT_PULL_REQUEST_HEAD_REPO_FULL_NAME" ] && [ "$GITHUB_EVENT_PULL_REQUEST_HEAD_REPO_FULL_NAME" != "$GITHUB_REPOSITORY" ];
+        then
+          echo -e "\033[0;32m==>\033[0m Fork detected"
+          CC_FORK="true"
+        fi
+        echo "CC_FORK=$CC_FORK" >> "$GITHUB_ENV"
+      env:
+        GITHUB_EVENT_PULL_REQUEST_HEAD_LABEL: ${{ github.event.pull_request.head.label }}
+        GITHUB_EVENT_PULL_REQUEST_HEAD_REPO_FULL_NAME: ${{ github.event.pull_request.head.repo.full_name }}
+        GITHUB_REPOSITORY: ${{ github.repository }}
+
+
+    - name: Get and set token
+      shell: bash
+      run: |
+        if [ "${{ inputs.use_oidc }}" == 'true' ] && [ "$CC_FORK" != 'true' ];
+        then
+          # {"count":1984,"value":"***"}
+          echo -e "\033[0;32m==>\033[0m Requesting OIDC token from '$ACTIONS_ID_TOKEN_REQUEST_URL'"
+          CC_TOKEN=$(curl -H "Authorization: bearer $ACTIONS_ID_TOKEN_REQUEST_TOKEN" "$ACTIONS_ID_TOKEN_REQUEST_URL&audience=https://codecov.io" | cut -d\" -f6)
+          echo "CC_TOKEN=$CC_TOKEN" >> "$GITHUB_ENV"
+        elif [ -n "${{ env.CODECOV_TOKEN }}" ];
+        then
+          echo -e "\033[0;32m==>\033[0m Token set from env"
+            echo "CC_TOKEN=${{ env.CODECOV_TOKEN }}" >> "$GITHUB_ENV"
+        else
+          if [ -n "${{ inputs.token }}" ];
+          then
+            echo -e "\033[0;32m==>\033[0m Token set from input"
+            CC_TOKEN=$(echo "${{ inputs.token }}" | tr -d '\n')
+            echo "CC_TOKEN=$CC_TOKEN" >> "$GITHUB_ENV"
+          fi
+        fi
+
+    - name: Override branch for forks
+      shell: bash
+      run: |
+        if [ -z "$CC_BRANCH" ] && [ -z "$CC_TOKEN" ] && [ "$CC_FORK" == 'true' ]
+        then
+          echo -e "\033[0;32m==>\033[0m Fork detected, setting branch to $GITHUB_EVENT_PULL_REQUEST_HEAD_LABEL"
+          TOKENLESS="$GITHUB_EVENT_PULL_REQUEST_HEAD_LABEL"
+          CC_BRANCH="$GITHUB_EVENT_PULL_REQUEST_HEAD_LABEL"
+          echo "TOKENLESS=$TOKENLESS" >> "$GITHUB_ENV"
+        fi
+
+        echo "CC_BRANCH=$CC_BRANCH" >> "$GITHUB_ENV"
+      env:
+        CC_BRANCH: ${{ inputs.override_branch }}
+        GITHUB_EVENT_PULL_REQUEST_HEAD_LABEL: ${{ github.event.pull_request.head.label }}
+        GITHUB_EVENT_PULL_REQUEST_HEAD_REPO_FULL_NAME: ${{ github.event.pull_request.head.repo.full_name }}
+        GITHUB_REPOSITORY: ${{ github.repository }}
+
+    - name: Override commits and pr for pull requests
+      shell: bash
+      run: |
+        if [ -z "$CC_SHA" ];
+        then
+          CC_SHA="$GITHUB_EVENT_PULL_REQUEST_HEAD_SHA"
+        fi
+        if [ -z "$CC_PR" ] && [ "${GITHUB_EVENT_NAME}" == "pull_request_target" ];
+        then
+          CC_PR="$GITHUB_EVENT_NUMBER"
+        fi
+
+        echo "CC_SHA=$CC_SHA" >> "$GITHUB_ENV"
+        echo "CC_PR=$CC_PR" >> "$GITHUB_ENV"
+      env:
+        CC_PR: ${{ inputs.override_pr }}
+        CC_SHA: ${{ inputs.override_commit }}
+        GITHUB_EVENT_NAME: ${{ github.event_name }}
+        GITHUB_EVENT_NUMBER: ${{ github.event.number }}
+        GITHUB_EVENT_PULL_REQUEST_HEAD_SHA: ${{ github.event.pull_request.head.sha }}
+
+    - name: Upload coverage to Codecov
+      run: ${GITHUB_ACTION_PATH}/dist/codecov.sh
+      shell: bash
+      working-directory: ${{ inputs.working-directory }}
+      env:
+        CC_BINARY: ${{ inputs.binary }}
+        CC_BUILD: ${{ inputs.override_build }}
+        CC_BUILD_URL: ${{ inputs.override_build_url }}
+        CC_CODE: ${{ inputs.report_code }}
+        CC_DIR: ${{ inputs.directory }}
+        CC_DISABLE_FILE_FIXES: ${{ inputs.disable_file_fixes }}
+        CC_DISABLE_SEARCH: ${{ inputs.disable_search }}
+        CC_DISABLE_TELEM: ${{ inputs.disable_telem }}
+        CC_DRY_RUN: ${{ inputs.dry_run }}
+        CC_ENTERPRISE_URL: ${{ inputs.url }}
+        CC_ENV: ${{ inputs.env_vars }}
+        CC_EXCLUDES: ${{ inputs.exclude }}
+        CC_FAIL_ON_ERROR: ${{ inputs.fail_ci_if_error }}
+        CC_FILES: ${{ inputs.files }}
+        CC_FLAGS: ${{ inputs.flags }}
+        CC_GCOV_ARGS: ${{ inputs.gcov_args }}
+        CC_GCOV_EXECUTABLE: ${{ inputs.gcov_executable }}
+        CC_GCOV_IGNORE: ${{ inputs.gcov_ignore }}
+        CC_GCOV_INCLUDE: ${{ inputs.gcov_include }}
+        CC_GIT_SERVICE: ${{ inputs.git_service }}
+        CC_HANDLE_NO_REPORTS_FOUND: ${{ inputs.handle_no_reports_found }}
+        CC_JOB_CODE: ${{ inputs.job_code }}
+        CC_LEGACY: ${{ inputs.use_legacy_upload_endpoint }}
+        CC_NAME: ${{ inputs.name }}
+        CC_NETWORK_FILTER: ${{ inputs.network_filter }}
+        CC_NETWORK_PREFIX: ${{ inputs.network_prefix }}
+        CC_NETWORK_ROOT_FOLDER: ${{ inputs.root_dir }}
+        CC_OS: ${{ inputs.os }}
+        CC_PARENT_SHA: ${{ inputs.commit_parent }}
+        CC_PLUGINS: ${{ inputs.plugins }}
+        CC_REPORT_TYPE: ${{ inputs.report_type }}
+        CC_SKIP_VALIDATION: ${{ inputs.skip_validation }}
+        CC_SLUG: ${{ inputs.slug }}
+        CC_SWIFT_PROJECT: ${{ inputs.swift_project }}
+        CC_VERBOSE: ${{ inputs.verbose }}
+        CC_VERSION: ${{ inputs.version }}
+        CC_YML_PATH: ${{ inputs.codecov_yml_path }}

changelog.py

@@ -0,0 +1,76 @@
+import json
+import re
+import subprocess
+
+def update_changelog():
+    with open('src/version', 'r') as f:
+        version = f.read()
+    changelog = [f"## v{version}"]
+    changelog.append("### What\'s Changed")
+
+    with open('CHANGELOG.md', 'r') as f:
+        previous = f.readline().replace("##", '').strip()
+
+    if previous == version:
+        print(f"No changes to version {version}")
+        return
+    print(f"Adding logs from {previous}..v{version}")
+
+    raw_current_branch = subprocess.run([
+        "git",
+        "branch",
+        "--show-current",
+    ], capture_output=True)
+    current_branch = raw_current_branch.stdout.decode('utf-8').strip()
+
+    raw_commits = subprocess.run([
+        "git",
+        "log",
+        f"{previous}..{current_branch}",
+        "--oneline",
+    ], capture_output=True)
+    commits = [line[:7] for line in raw_commits.stdout.decode('utf-8').split('\n')]
+    print(commits)
+
+    prs = set()
+    for commit in commits:
+        if not commit:
+            continue
+        commit_output = subprocess.run([
+            'gh',
+            'pr',
+            'list',
+            '--json',
+            'author,number,title,url',
+            '--search',
+            f'"{commit}"',
+            '--state',
+            'merged',
+        ], capture_output=True)
+
+        commit_details = commit_output.stdout.decode('utf-8')
+        if not commit_details or not json.loads(commit_details):
+            continue
+        commit_details = json.loads(commit_details)[0]
+
+
+        if not commit_details['number']:
+            continue
+        if commit_details['number'] in prs:
+            continue
+        prs.add(commit_details['number'])
+        changelog.append(f"* {commit_details['title']} by @{commit_details['author']['login']} in {commit_details['url']}")
+
+    changelog.append('\n')
+    changelog.append(f"**Full Changelog**: https://github.com/codecov/codecov-action/compare/{previous}..v{version}\n")
+
+    with open('CHANGELOG.md', 'r') as f:
+        for line in f:
+            changelog.append(line.strip())
+
+    with open('CHANGELOG.md', 'w') as f:
+        f.write('\n'.join(changelog))
+
+
+if __name__=="__main__":
+    update_changelog()

demo/calculator/calculator.test.ts

@@ -1,11 +1,11 @@
-import Calculator from './calculator'
+import Calculator from './calculator';
 
 test('adds 2 + 3 to equal 5', () => {
-  const calc = new Calculator()
+  const calc = new Calculator();
   expect(calc.add(2, 3)).toBe(5);
 });
 
 test('subtracts 2 - 3 to equal -1', () => {
-  const calc = new Calculator()
+  const calc = new Calculator();
   expect(calc.subtract(2, 3)).toBe(-1);
 });

demo/coverage-test/coverage.test.ts

@@ -0,0 +1,11 @@
+import Coverage from './coverage';
+
+test('test uncovered if', () => {
+  const coverageObj = new Coverage();
+  expect(coverageObj.uncovered_if()).toEqual(false);
+});
+
+test('fully covered', () => {
+  const coverageObj = new Coverage();
+  expect(coverageObj.fully_covered()).toEqual(true);
+});

demo/coverage-test/coverage.ts

@@ -1,4 +1,4 @@
-export default class Index {
+export default class Coverage {
 
   //This function is tested and part of it is uncovered
   uncovered_if = (a = true) => {

dist/codecov.sh

@@ -0,0 +1,226 @@
+#!/usr/bin/env bash
+CC_WRAPPER_VERSION="0.0.32"
+set +u
+say() {
+  echo -e "$1"
+}
+exit_if_error() {
+  say "$r==> $1$x"
+  if [ "$CC_FAIL_ON_ERROR" = true ];
+  then
+     say "$r    Exiting...$x"
+     exit 1;
+  fi
+}
+lower() {
+  echo $(echo $1 | sed 's/CC//' | sed 's/_/-/g' | tr '[:upper:]' '[:lower:]')
+}
+k_arg() {
+  if [ -n "$(eval echo \$"CC_$1")" ];
+  then
+    echo "--$(lower "$1")"
+  fi
+}
+v_arg() {
+  if [ -n "$(eval echo \$"CC_$1")" ];
+  then
+    echo "$(eval echo \$"CC_$1")"
+  fi
+}
+write_truthy_args() {
+  if [ "$(eval echo \$$1)" = "true" ] || [ "$(eval echo \$$1)" = "1" ];
+  then
+    echo "-$(lower $1)"
+  fi
+}
+b="\033[0;36m"  # variables/constants
+g="\033[0;32m"  # info/debug
+r="\033[0;31m"  # errors
+x="\033[0m"
+say "     _____          _
+    / ____|        | |
+   | |     ___   __| | ___  ___ _____   __
+   | |    / _ \\ / _\` |/ _ \\/ __/ _ \\ \\ / /
+   | |___| (_) | (_| |  __/ (_| (_) \\ V /
+    \\_____\\___/ \\__,_|\\___|\\___\\___/ \\_/
+                           $r Wrapper-$CC_WRAPPER_VERSION$x
+                                  "
+CC_VERSION="${CC_VERSION:-latest}"
+CC_FAIL_ON_ERROR="${CC_FAIL_ON_ERROR:-false}"
+if [ -n "$CC_BINARY" ];
+then
+  if [ -f "$CC_BINARY" ];
+  then
+    cc_filename=$CC_BINARY
+    cc_command=$CC_BINARY
+  else
+    exit_if_error "Could not find binary file $CC_BINARY"
+  fi
+else
+  if [ -n "$CC_OS" ];
+  then
+    say "$g==>$x Overridden OS: $b${CC_OS}$x"
+  else
+    CC_OS="windows"
+    family=$(uname -s | tr '[:upper:]' '[:lower:]')
+    [[ $family == "darwin" ]] && CC_OS="macos"
+    [[ $family == "linux" ]] && CC_OS="linux"
+    [[ $CC_OS == "linux" ]] && \
+      osID=$(grep -e "^ID=" /etc/os-release | cut -c4-)
+    [[ $osID == "alpine" ]] && CC_OS="alpine"
+    [[ $(arch) == "aarch64" && $family == "linux" ]] && CC_OS+="-arm64"
+    say "$g==>$x Detected $b${CC_OS}$x"
+  fi
+  cc_filename="codecov"
+  [[ $CC_OS == "windows" ]] && cc_filename+=".exe"
+  cc_command="./$cc_filename"
+  [[ $CC_OS == "macos" ]]  && \
+    ! command -v gpg 2>&1 >/dev/null && \
+    HOMEBREW_NO_AUTO_UPDATE=1 brew install gpg
+  cc_url="https://cli.codecov.io"
+  cc_url="$cc_url/${CC_VERSION}"
+  cc_url="$cc_url/${CC_OS}/${cc_filename}"
+  say "$g ->$x Downloading $b${cc_url}$x"
+  curl -Os "$cc_url"
+  say "$g==>$x Finishing downloading $b${CC_OS}:${CC_VERSION}$x"
+  version_url="https://cli.codecov.io/api/${CC_OS}/${CC_VERSION}"
+  version=$(curl -s "$version_url" -H "Accept:application/json" | jq -r '.version')
+  say "      Version: $b$version$x"
+  say " "
+fi
+if [ "$CC_SKIP_VALIDATION" = "true" ] || [ -n "$CC_BINARY" ];
+then
+  say "$r==>$x Bypassing validation as requested by user"
+else
+CC_PUBLIC_PGP_KEY=$(curl -s https://keybase.io/codecovsecurity/pgp_keys.asc)
+  echo "${CC_PUBLIC_PGP_KEY}"  | \
+    gpg --no-default-keyring --import
+  # One-time step
+  say "$g==>$x Verifying GPG signature integrity"
+  sha_url="https://cli.codecov.io"
+  sha_url="${sha_url}/${CC_VERSION}/${CC_OS}"
+  sha_url="${sha_url}/${cc_filename}.SHA256SUM"
+  say "$g ->$x Downloading $b${sha_url}$x"
+  say "$g ->$x Downloading $b${sha_url}.sig$x"
+  say " "
+  curl -Os --retry 5 --retry-delay 2 --connect-timeout 2 "$sha_url"
+  curl -Os --retry 5 --retry-delay 2 --connect-timeout 2 "${sha_url}.sig"
+  if ! gpg --verify "${cc_filename}.SHA256SUM.sig" "${cc_filename}.SHA256SUM";
+  then
+    exit_if_error "Could not verify signature. Please contact Codecov if problem continues"
+  fi
+  if ! (shasum -a 256 -c "${cc_filename}.SHA256SUM" 2>/dev/null || \
+    sha256sum -c "${cc_filename}.SHA256SUM");
+  then
+    exit_if_error "Could not verify SHASUM. Please contact Codecov if problem continues"
+  fi
+  say "$g==>$x CLI integrity verified"
+  say
+fi
+if [ -n "$CC_BINARY_LOCATION" ];
+then
+  mkdir -p "$CC_BINARY_LOCATION" && mv "$cc_filename" $_
+  say "$g==>$x Codecov binary moved to ${CC_BINARY_LOCATION}"
+fi
+if [ "$CC_DOWNLOAD_ONLY" = "true" ];
+then
+  say "$g==>$x Codecov download only called. Exiting..."
+fi
+cc_cli_args=()
+cc_cli_args+=( $(k_arg AUTO_LOAD_PARAMS_FROM) $(v_arg AUTO_LOAD_PARAMS_FROM))
+cc_cli_args+=( $(k_arg ENTERPRISE_URL) $(v_arg ENTERPRISE_URL))
+if [ -n "$CC_YML_PATH" ]
+then
+  cc_cli_args+=( "--codecov-yml-path" )
+  cc_cli_args+=( "$CC_YML_PATH" )
+fi
+cc_cli_args+=( $(write_truthy_args CC_DISABLE_TELEM) )
+cc_cli_args+=( $(write_truthy_args CC_VERBOSE) )
+cc_uc_args=()
+# Args for create commit
+cc_uc_args+=( $(write_truthy_args CC_FAIL_ON_ERROR) )
+cc_uc_args+=( $(k_arg GIT_SERVICE) $(v_arg GIT_SERVICE))
+cc_uc_args+=( $(k_arg PARENT_SHA) $(v_arg PARENT_SHA))
+cc_uc_args+=( $(k_arg PR) $(v_arg PR))
+cc_uc_args+=( $(k_arg SHA) $(v_arg SHA))
+cc_uc_args+=( $(k_arg SLUG) $(v_arg SLUG))
+# Args for create report
+cc_uc_args+=( $(k_arg CODE) $(v_arg CODE))
+# Args for do upload
+cc_uc_args+=( $(k_arg ENV) $(v_arg ENV))
+OLDIFS=$IFS;IFS=,
+cc_uc_args+=( $(k_arg BRANCH) $(v_arg BRANCH))
+cc_uc_args+=( $(k_arg BUILD) $(v_arg BUILD))
+cc_uc_args+=( $(k_arg BUILD_URL) $(v_arg BUILD_URL))
+cc_uc_args+=( $(k_arg DIR) $(v_arg DIR))
+cc_uc_args+=( $(write_truthy_args CC_DISABLE_FILE_FIXES) )
+cc_uc_args+=( $(write_truthy_args CC_DISABLE_SEARCH) )
+cc_uc_args+=( $(write_truthy_args CC_DRY_RUN) )
+if [ -n "$CC_EXCLUDES" ];
+then
+  for directory in $CC_EXCLUDES; do
+    cc_uc_args+=( "--exclude" "$directory" )
+  done
+fi
+if [ -n "$CC_FILES" ];
+then
+  for file in $CC_FILES; do
+    cc_uc_args+=( "--file" "$file" )
+  done
+fi
+if [ -n "$CC_FLAGS" ];
+then
+  for flag in $CC_FLAGS; do
+    cc_uc_args+=( "--flag" "$flag" )
+  done
+fi
+cc_uc_args+=( $(k_arg GCOV_ARGS) $(v_arg GCOV_ARGS))
+cc_uc_args+=( $(k_arg GCOV_EXECUTABLE) $(v_arg GCOV_EXECUTABLE))
+cc_uc_args+=( $(k_arg GCOV_IGNORE) $(v_arg GCOV_IGNORE))
+cc_uc_args+=( $(k_arg GCOV_INCLUDE) $(v_arg GCOV_INCLUDE))
+cc_uc_args+=( $(write_truthy_args CC_HANDLE_NO_REPORTS_FOUND) )
+cc_uc_args+=( $(k_arg JOB_CODE) $(v_arg JOB_CODE))
+cc_uc_args+=( $(write_truthy_args CC_LEGACY) )
+if [ -n "$CC_NAME" ];
+then
+  cc_uc_args+=( "--name" "$CC_NAME" )
+fi
+cc_uc_args+=( $(k_arg NETWORK_FILTER) $(v_arg NETWORK_FILTER))
+cc_uc_args+=( $(k_arg NETWORK_PREFIX) $(v_arg NETWORK_PREFIX))
+cc_uc_args+=( $(k_arg NETWORK_ROOT_FOLDER) $(v_arg NETWORK_ROOT_FOLDER))
+if [ -n "$CC_PLUGINS" ];
+then
+  for plugin in $CC_PLUGINS; do
+    cc_uc_args+=( "--plugin" "$plugin" )
+  done
+fi
+cc_uc_args+=( $(k_arg REPORT_TYPE) $(v_arg REPORT_TYPE))
+cc_uc_args+=( $(k_arg SWIFT_PROJECT) $(v_arg SWIFT_PROJECT))
+IFS=$OLDIFS
+unset NODE_OPTIONS
+# See https://github.com/codecov/uploader/issues/475
+chmod +x $cc_command
+if [ -n "$CC_TOKEN_VAR" ];
+then
+  token="$(eval echo \$$CC_TOKEN_VAR)"
+else
+  token="$(eval echo $CC_TOKEN)"
+fi
+say "$g ->$x Token of length ${#token} detected"
+token_str=""
+token_arg=()
+if [ -n "$token" ];
+then
+  token_str+=" -t <redacted>"
+  token_arg+=( " -t " "$token")
+fi
+say "$g==>$x Running upload-coverage"
+say "      $b$cc_command $(echo "${cc_cli_args[@]}") upload-coverage$token_str $(echo "${cc_uc_args[@]}")$x"
+if ! $cc_command \
+  ${cc_cli_args[*]} \
+  upload-coverage \
+  ${token_arg[*]} \
+  "${cc_uc_args[@]}";
+then
+  exit_if_error "Failed to upload coverage"
+fi

hooks/pre-commit

@@ -0,0 +1,13 @@
+#!/usr/bin/env bash
+
+set -e
+
+cp src/scripts/dist/codecov.sh dist/codecov.sh
+git add dist/codecov.sh
+
+git diff --cached --name-only | if grep --quiet "src/version"
+then
+    python changelog.py
+fi
+
+git add CHANGELOG.md

index.js

@@ -1,172 +0,0 @@
-const core = require("@actions/core");
-const exec = require("@actions/exec");
-const fs = require("fs");
-const request = require('requestretry');
-
-let fail_ci;
-try {
-  const name = core.getInput("name");
-  const token = core.getInput("token");
-  const flags = core.getInput("flags");
-  const file = core.getInput("file");
-  const files = core.getInput("files");
-  const env_vars = core.getInput("env_vars");
-  const dir = core.getInput("directory");
-  const write_path = core.getInput("path_to_write_report");
-  const verbose = core.getInput("verbose");
-
-  fail_ci = core.getInput("fail_ci_if_error").toLowerCase();
-
-  if (
-    fail_ci === "yes" ||
-    fail_ci === "y" ||
-    fail_ci === "true" ||
-    fail_ci === "t" ||
-    fail_ci === "1"
-  ) {
-    fail_ci = true;
-  } else {
-    fail_ci = false;
-  }
-
-  request({
-    json: false,
-    maxAttempts: 10,
-    timeout: 3000,
-    url: "https://codecov.io/bash"
-  }, (error, response, body) => {
-    try {
-      if (error && fail_ci) {
-        throw error;
-      } else if (error) {
-        core.warning(`Codecov warning: ${error.message}`);
-      }
-
-      fs.writeFile("codecov.sh", body, err => {
-        if (err && fail_ci) {
-          throw err;
-        } else if (err) {
-          core.warning(`Codecov warning: ${err.message}`);
-        }
-
-        let output = "";
-        let execError = "";
-        const options = {};
-        options.listeners = {
-          stdout: data => {
-            output += data.toString();
-          },
-          stderr: data => {
-            execError += data.toString();
-          }
-        };
-
-        options.env = Object.assign(process.env, {
-          GITHUB_ACTION: process.env.GITHUB_ACTION,
-          GITHUB_RUN_ID: process.env.GITHUB_RUN_ID,
-          GITHUB_REF: process.env.GITHUB_REF,
-          GITHUB_REPOSITORY: process.env.GITHUB_REPOSITORY,
-          GITHUB_SHA: process.env.GITHUB_SHA,
-          GITHUB_HEAD_REF: process.env.GITHUB_HEAD_REF || ''
-        });
-
-        if(token){
-          options.env.CODECOV_TOKEN = token
-        }
-
-        const env_vars_arg = []
-        for (let env_var of env_vars.split(",")) {
-          let env_var_clean = env_var.trim();
-          if (env_var_clean) {
-            options.env[env_var_clean] = process.env[env_var_clean];
-            env_vars_arg.push(env_var_clean)
-          }
-        }
-
-        const execArgs = ["codecov.sh"];
-        if (file) {
-          execArgs.push(
-            "-f", `${file}`
-          );
-        }
-
-        if (files) {
-          files.split(',').forEach(f => {
-            execArgs.push(
-              "-f", `${f}`
-            );
-          });
-        }
-
-        if (dir) {
-          execArgs.push(
-            "-s", `${dir}`
-          );
-        }
-
-        execArgs.push(
-          "-n", `${name}`,
-          "-F", `${flags}`
-        );
-
-        if (fail_ci) {
-          execArgs.push(
-            "-Z"
-          );
-        }
-
-        if (env_vars_arg.length) {
-          execArgs.push(
-            "-e", env_vars_arg.join(",")
-          );
-        }
-
-        if (write_path) {
-          execArgs.push(
-            "-q", `${write_path}`
-          );
-        }
-
-        if (verbose) {
-          execArgs.push(
-            "-v"
-          );
-        }
-
-        exec.exec("bash", execArgs, options)
-          .catch(err => {
-            if (fail_ci) {
-              core.setFailed(
-                `Codecov failed with the following error: ${err.message}`
-              );
-            } else {
-              core.warning(`Codecov warning: ${err.message}`);
-            }
-          })
-          .then(() => {
-            unlinkFile();
-          });
-
-        const unlinkFile = () => {
-          fs.unlink("codecov.sh", err => {
-            if (err && fail_ci) {
-              throw err;
-            } else if (err) {
-              core.warning(`Codecov warning: ${err.message}`);
-            }
-          });
-        };
-      });
-    } catch (error) {
-      core.setFailed(
-        `Codecov failed with the following error: ${error.message}`
-      );
-    }
-  });
-} catch (error) {
-  if (fail_ci) {
-    core.setFailed(`Codecov failed with the following error: ${error.message}`);
-  } else {
-    core.warning(`Codecov warning: ${error.message}`);
-  }
-}

install.sh

@@ -0,0 +1,12 @@
+#!/usr/bin/env bash
+
+if ! [ -e .git ]; then
+    echo "Please run this from repo root directory"
+    exit 1
+fi
+
+cd .git/hooks
+for i in pre-commit; do
+    rm -fv $i
+    ln -sv ../../hooks/$i
+done

jest.config.js

@@ -1,4 +0,0 @@
-module.exports = {
-  preset: 'ts-jest',
-  testEnvironment: 'node',
-}

package.json

@@ -1,39 +0,0 @@
-{
-  "name": "codecov-action",
-  "version": "1.0.14",
-  "description": "Upload coverage reports to Codecov from GitHub Actions",
-  "main": "index.js",
-  "scripts": {
-    "test": "jest --coverage",
-    "test-calculator": "jest --testPathPattern=src/calculator/ --coverage --coverageDirectory=coverage/calculator",
-    "test-index": "jest --testPathPattern=src/index --coverage --coverageDirectory=coverage/index",
-    "test-all": "yarn run test && yarn run test-calculator && yarn run test-index",
-    "build": "ncc build index.js"
-  },
-  "repository": {
-    "type": "git",
-    "url": "git+https://github.com/codecov/codecov-action.git"
-  },
-  "keywords": [],
-  "author": "Ibrahim Ali",
-  "license": "MIT",
-  "bugs": {
-    "url": "https://github.com/codecov/codecov-action/issues"
-  },
-  "homepage": "https://github.com/codecov/codecov-action#readme",
-  "dependencies": {
-    "@actions/core": "^1.2.6",
-    "@actions/exec": "^1.0.4",
-    "@types/jest": "^26.0.14",
-    "@zeit/ncc": "^0.22.3",
-    "fs": "0.0.1-security",
-    "jest": "^26.5.3",
-    "jest-junit": "^12.0.0",
-    "request": "^2.88.2",
-    "requestretry": "^4.1.1",
-    "ts-jest": "^26.4.1",
-    "typescript": "^4.0.3",
-    "yarn": "^1.22.10"
-  },
-  "devDependencies": {}
-}

src/index/index.test.ts

@@ -1,11 +0,0 @@
-import Index from "./index";
-
-test('test uncovered if', () => {
-  const indexObj = new Index();
-  expect(indexObj.uncovered_if()).toEqual(false);
-});
-
-test('fully covered', () => {
-  const indexObj = new Index();
-  expect(indexObj.fully_covered()).toEqual(true);
-});

src/version

@@ -0,0 +1 @@
+5.1.2