chore(release): 4.1.1 (#1344)

Signed-off-by: Martin Kröning <martin.kroening@eonerc.rwth-aachen.de>

.github/workflows/codeql-analysis.yml

@@ -37,11 +37,11 @@ jobs:
 
     steps:
     - name: Checkout repository
-      uses: actions/checkout@v4.1.1
+      uses: actions/checkout@v4.1.2
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@v3.24.3
+      uses: github/codeql-action/init@v3.24.9
       with:
         languages: ${{ matrix.language }}
         # If you wish to specify custom queries, you can do so here or in a config file.
@@ -52,7 +52,7 @@ jobs:
     # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
     # If this step fails, then you should remove it and run the build manually (see below)
     - name: Autobuild
-      uses: github/codeql-action/autobuild@v3.24.3
+      uses: github/codeql-action/autobuild@v3.24.9
 
     # ℹ️ Command-line programs to run using the OS shell.
     # 📚 https://git.io/JvXDl
@@ -66,4 +66,4 @@ jobs:
     #   make release
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v3.24.3
+      uses: github/codeql-action/analyze@v3.24.9

.github/workflows/main.yml

@@ -8,7 +8,47 @@ jobs:
         os: [macos-latest, windows-latest, ubuntu-latest, macos-latest-xlarge]
     steps:
       - name: Checkout
-        uses: actions/checkout@v4.1.1
+        uses: actions/checkout@v4.1.2
+      - name: Install dependencies
+        run: npm install
+      - name: Lint
+        run: npm run lint
+      - name: Run tests and collect coverage
+        run: npm run test
+      - name: Upload coverage to Codecov (script)
+        uses: ./
+        with:
+          files: ./coverage/script/coverage-final.json
+          flags: script,${{ matrix.os }}
+          name: codecov-script
+          verbose: true
+          token: ${{ secrets.CODECOV_TOKEN }}
+      - name: Upload coverage to Codecov (demo)
+        uses: ./
+        with:
+          files: ./coverage/calculator/coverage-final.json,./coverage/coverage-test/coverage-final.json
+          file: ./coverage/coverage-final.json
+          flags: demo,${{ matrix.os }}
+          name: codecov-demo
+          verbose: true
+          token: ${{ secrets.CODECOV_TOKEN }}
+      - name: Upload coverage to Codecov (version)
+        uses: ./
+        with:
+          files: ./coverage/calculator/coverage-final.json,./coverage/coverage-test/coverage-final.json
+          file: ./coverage/coverage-final.json
+          flags: version,${{ matrix.os }}
+          name: codecov-version
+          version: v0.2.0
+          verbose: true
+          token: ${{ secrets.CODECOV_TOKEN }}
+
+  run-container:
+    runs-on: ubuntu-latest
+    container: node:18
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4.1.2
       - name: Install dependencies
         run: npm install
       - name: Lint

.github/workflows/scorecards-analysis.yml

@@ -24,7 +24,7 @@ jobs:
     
     steps:
       - name: "Checkout code"
-        uses: actions/checkout@v4.1.1 # v3.0.0
+        uses: actions/checkout@v4.1.2 # v3.0.0
         with:
           persist-credentials: false
 
@@ -56,6 +56,6 @@ jobs:
       
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@v3.24.3 # v1.0.26
+        uses: github/codeql-action/upload-sarif@v3.24.9 # v1.0.26
         with:
           sarif_file: results.sarif

README.md

@@ -95,7 +95,7 @@ Codecov's Action supports inputs from the user. These inputs, along with their d
 | `plugin` | plugins to run. Options: xcode, gcov, pycoverage. The default behavior runs them all. | Optional 
 | `plugins` | Comma-separated list of plugins for use during upload. | Optional 
 | `report_code` | The code of the report. If unsure, do not include | Optional 
-| `root_dir` | Used when not in git/hg project to identify project root directory | Optional 
+| `root_dir` | Used to specify the location of your   .git   root to identify project root directory | Optional 
 | `slug` | Specify the slug manually (Enterprise use) | Optional 
 | `url` | Specify the base url to upload (Enterprise use) | Optional 
 | `use_legacy_upload_endpoint` | Use the legacy upload endpoint | Optional 

action.yml

@@ -14,11 +14,14 @@ inputs:
   directory:
     description: 'Directory to search for coverage reports.'
     required: false
+  disable_file_fixes:
+    description: 'Disable file fixes to ignore common lines from coverage (e.g. blank lines or empty brackets)'
+    required: false
   disable_search:
     description: 'Disable search for coverage files. This is helpful when specifying what files you want to upload with the --file option.'
     required: false
-  disable_file_fixes:
-    description: 'Disable file fixes to ignore common lines from coverage (e.g. blank lines or empty brackets)'
+  disable_safe_directory:
+    description: 'Disable setting safe directory. Set to true to disable.'
     required: false
   dry_run:
     description: "Don't upload files to Codecov"
@@ -41,6 +44,9 @@ inputs:
   flags:
     description: 'Flag upload to group coverage metrics (e.g. unittests | integration | ui,chrome)'
     required: false
+  git_service:
+    description: 'Override the git_service (e.g. github_enterprise)'
+    required: false
   handle_no_reports_found:
     description: 'Raise no exceptions when no coverage reports found'
     required: false

dist/index.js

@@ -21064,6 +21064,9 @@ function httpRedirectFetch (fetchParams, response) {
     // https://fetch.spec.whatwg.org/#cors-non-wildcard-request-header-name
     request.headersList.delete('authorization')
 
+    // https://fetch.spec.whatwg.org/#authentication-entries
+    request.headersList.delete('proxy-authorization', true)
+
     // "Cookie" and "Host" are forbidden request-headers, which undici doesn't implement.
     request.headersList.delete('cookie')
     request.headersList.delete('host')
@@ -32261,6 +32264,7 @@ const isTrue = (variable) => {
 };
 const buildCommitExec = () => {
     const commitParent = core.getInput('commit_parent');
+    const gitService = core.getInput('git_service');
     const overrideBranch = core.getInput('override_branch');
     const overrideCommit = core.getInput('override_commit');
     const overridePr = core.getInput('override_pr');
@@ -32285,6 +32289,7 @@ const buildCommitExec = () => {
     if (commitParent) {
         commitExecArgs.push('--parent-sha', `${commitParent}`);
     }
+    commitExecArgs.push('--git-service', `${gitService ? gitService : 'github'}`);
     if (overrideBranch) {
         commitExecArgs.push('-B', `${overrideBranch}`);
     }
@@ -32329,6 +32334,7 @@ const buildGeneralExec = () => {
     return { args, verbose };
 };
 const buildReportExec = () => {
+    const gitService = core.getInput('git_service');
     const overrideCommit = core.getInput('override_commit');
     const overridePr = core.getInput('override_pr');
     const slug = core.getInput('slug');
@@ -32349,6 +32355,7 @@ const buildReportExec = () => {
     if (token) {
         reportOptions.env.CODECOV_TOKEN = token;
     }
+    reportExecArgs.push('--git-service', `${gitService ? gitService : 'github'}`);
     if (overrideCommit) {
         reportExecArgs.push('-C', `${overrideCommit}`);
     }
@@ -32375,6 +32382,7 @@ const buildReportExec = () => {
 };
 const buildUploadExec = () => {
     const disableFileFixes = isTrue(core.getInput('disable_file_fixes'));
+    const disableSafeDirectory = isTrue(core.getInput('disable_safe_directory'));
     const disableSearch = isTrue(core.getInput('disable_search'));
     const dryRun = isTrue(core.getInput('dry_run'));
     const envVars = core.getInput('env_vars');
@@ -32383,6 +32391,7 @@ const buildUploadExec = () => {
     const file = core.getInput('file');
     const files = core.getInput('files');
     const flags = core.getInput('flags');
+    const gitService = core.getInput('git_service');
     const handleNoReportsFound = isTrue(core.getInput('handle_no_reports_found'));
     const jobCode = core.getInput('job_code');
     const name = core.getInput('name');
@@ -32455,6 +32464,7 @@ const buildUploadExec = () => {
             uploadExecArgs.push('-F', `${f}`);
         });
     }
+    uploadExecArgs.push('--git-service', `${gitService ? gitService : 'github'}`);
     if (handleNoReportsFound) {
         uploadExecArgs.push('--handle-no-reports-found');
     }
@@ -32518,6 +32528,7 @@ const buildUploadExec = () => {
     return {
         uploadExecArgs,
         uploadOptions,
+        disableSafeDirectory,
         failCi,
         os,
         uploaderVersion,
@@ -32527,6 +32538,16 @@ const buildUploadExec = () => {
 
 
 ;// CONCATENATED MODULE: ./src/helpers.ts
+var __awaiter = (undefined && undefined.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+
 
 const PLATFORMS = [
     'linux',
@@ -32578,6 +32599,18 @@ const getCommand = (filename, generalArgs, command) => {
     core.info(`==> Running command '${fullCommand.join(' ')}'`);
     return fullCommand;
 };
+const setSafeDirectory = () => __awaiter(void 0, void 0, void 0, function* () {
+    const command = ([
+        'git',
+        'config',
+        '--global',
+        '--add',
+        'safe.directory',
+        `${process.env['GITHUB_WORKSPACE']}`,
+    ].join(' '));
+    core.info(`==> Running ${command}`);
+    yield exec.exec(command);
+});
 
 
 // EXTERNAL MODULE: external "crypto"
@@ -32587,7 +32620,7 @@ var gpg = __nccwpck_require__(40);
 // EXTERNAL MODULE: ./node_modules/undici/index.js
 var undici = __nccwpck_require__(1773);
 ;// CONCATENATED MODULE: ./src/validate.ts
-var __awaiter = (undefined && undefined.__awaiter) || function (thisArg, _arguments, P, generator) {
+var validate_awaiter = (undefined && undefined.__awaiter) || function (thisArg, _arguments, P, generator) {
     function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
     return new (P || (P = Promise))(function (resolve, reject) {
         function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
@@ -32603,7 +32636,7 @@ var __awaiter = (undefined && undefined.__awaiter) || function (thisArg, _argume
 
 
 
-const verify = (filename, platform, version, verbose, failCi) => __awaiter(void 0, void 0, void 0, function* () {
+const verify = (filename, platform, version, verbose, failCi) => validate_awaiter(void 0, void 0, void 0, function* () {
     try {
         const uploaderName = getUploaderName(platform);
         // Get SHASUM and SHASUM signature files
@@ -32620,8 +32653,8 @@ const verify = (filename, platform, version, verbose, failCi) => __awaiter(void
             console.log(`Received SHA256SUM signature ${shaSig}`);
         }
         yield external_fs_.writeFileSync(external_path_.join(__dirname, `${uploaderName}.SHA256SUM.sig`), shaSig);
-        const validateSha = () => __awaiter(void 0, void 0, void 0, function* () {
-            const calculateHash = (filename) => __awaiter(void 0, void 0, void 0, function* () {
+        const validateSha = () => validate_awaiter(void 0, void 0, void 0, function* () {
+            const calculateHash = (filename) => validate_awaiter(void 0, void 0, void 0, function* () {
                 const stream = external_fs_.createReadStream(filename);
                 const uploaderSha = external_crypto_.createHash(`sha256`);
                 stream.pipe(uploaderSha);
@@ -32646,7 +32679,7 @@ const verify = (filename, platform, version, verbose, failCi) => __awaiter(void
                 '--verify',
                 external_path_.join(__dirname, `${uploaderName}.SHA256SUM.sig`),
                 external_path_.join(__dirname, `${uploaderName}.SHA256SUM`),
-            ], (err, verifyResult) => __awaiter(void 0, void 0, void 0, function* () {
+            ], (err, verifyResult) => validate_awaiter(void 0, void 0, void 0, function* () {
                 if (err) {
                     setFailure('Codecov: Error importing pgp key', failCi);
                 }
@@ -32661,7 +32694,7 @@ const verify = (filename, platform, version, verbose, failCi) => __awaiter(void
             '--no-default-keyring',
             '--import',
             __nccwpck_require__.ab + "pgp_keys.asc",
-        ], (err, importResult) => __awaiter(void 0, void 0, void 0, function* () {
+        ], (err, importResult) => validate_awaiter(void 0, void 0, void 0, function* () {
             if (err) {
                 setFailure('Codecov: Error importing pgp key', failCi);
             }
@@ -32688,11 +32721,9 @@ var version_awaiter = (undefined && undefined.__awaiter) || function (thisArg, _
 
 
 const versionInfo = (platform, version) => version_awaiter(void 0, void 0, void 0, function* () {
-    if (version) {
     core.info(`==> Running version ${version}`);
-    }
     try {
-        const metadataRes = yield (0,undici.request)(`https://cli.codecov.io/${platform}/latest`, {
+        const metadataRes = yield (0,undici.request)(`https://cli.codecov.io/${platform}/${version}`, {
             headers: { 'Accept': 'application/json' },
         });
         const metadata = yield metadataRes.body.json();
@@ -32726,7 +32757,7 @@ let failCi;
 try {
     const { commitExecArgs, commitOptions, commitCommand } = buildCommitExec();
     const { reportExecArgs, reportOptions, reportCommand } = buildReportExec();
-    const { uploadExecArgs, uploadOptions, failCi, os, uploaderVersion, uploadCommand, } = buildUploadExec();
+    const { uploadExecArgs, uploadOptions, disableSafeDirectory, failCi, os, uploaderVersion, uploadCommand, } = buildUploadExec();
     const { args, verbose } = buildGeneralExec();
     const platform = getPlatform(os);
     const filename = external_path_.join(__dirname, getUploaderName(platform));
@@ -32742,6 +32773,9 @@ try {
             yield validate(filename, platform, uploaderVersion, verbose, failCi);
             yield version(platform, uploaderVersion);
             yield external_fs_.chmodSync(filename, '777');
+            if (!disableSafeDirectory) {
+                yield setSafeDirectory();
+            }
             const unlink = () => {
                 external_fs_.unlink(filename, (err) => {
                     if (err) {

package-lock.json

@@ -1,31 +1,31 @@
 {
   "name": "codecov-action",
-  "version": "4.0.2",
+  "version": "4.1.1",
   "lockfileVersion": 2,
   "requires": true,
   "packages": {
     "": {
       "name": "codecov-action",
-      "version": "4.0.2",
+      "version": "4.1.1",
       "license": "MIT",
       "dependencies": {
         "@actions/core": "^1.10.1",
         "@actions/exec": "^1.1.1",
         "@actions/github": "^6.0.0",
         "gpg": "^0.6.0",
-        "undici": "5.28.2"
+        "undici": "5.28.3"
       },
       "devDependencies": {
         "@types/jest": "^29.5.12",
         "@typescript-eslint/eslint-plugin": "^7.0.0",
         "@typescript-eslint/parser": "^6.21.0",
         "@vercel/ncc": "^0.38.1",
-        "eslint": "^8.56.0",
+        "eslint": "^8.57.0",
         "eslint-config-google": "^0.14.0",
         "jest": "^29.7.0",
         "jest-junit": "^16.0.0",
         "ts-jest": "^29.1.2",
-        "typescript": "^5.3.3"
+        "typescript": "^5.4.3"
       }
     },
     "node_modules/@aashutoshrathi/word-wrap": {
@@ -795,9 +795,9 @@
       }
     },
     "node_modules/@eslint/js": {
-      "version": "8.56.0",
-      "resolved": "https://registry.npmjs.org/@eslint/js/-/js-8.56.0.tgz",
-      "integrity": "sha512-gMsVel9D7f2HLkBma9VbtzZRehRogVRfbr++f06nL2vnCGCNlzOD+/MUov/F4p8myyAHspEhVobgjpX64q5m6A==",
+      "version": "8.57.0",
+      "resolved": "https://registry.npmjs.org/@eslint/js/-/js-8.57.0.tgz",
+      "integrity": "sha512-Ys+3g2TaW7gADOJzPt83SJtCDhMjndcDMFVQ/Tj9iA1BfJzFKD9mAUXT3OenpuPHbI6P/myECxRJrofUsDx/5g==",
       "dev": true,
       "engines": {
         "node": "^12.22.0 || ^14.17.0 || >=16.0.0"
@@ -812,13 +812,13 @@
       }
     },
     "node_modules/@humanwhocodes/config-array": {
-      "version": "0.11.13",
-      "resolved": "https://registry.npmjs.org/@humanwhocodes/config-array/-/config-array-0.11.13.tgz",
-      "integrity": "sha512-JSBDMiDKSzQVngfRjOdFXgFfklaXI4K9nLF49Auh21lmBWRLIK3+xTErTWD4KU54pb6coM6ESE7Awz/FNU3zgQ==",
+      "version": "0.11.14",
+      "resolved": "https://registry.npmjs.org/@humanwhocodes/config-array/-/config-array-0.11.14.tgz",
+      "integrity": "sha512-3T8LkOmg45BV5FICb15QQMsyUSWrQ8AygVfC7ZG32zOalnqrilm018ZVCw0eapXux8FtA33q8PSRSstjee3jSg==",
       "dev": true,
       "dependencies": {
-        "@humanwhocodes/object-schema": "^2.0.1",
-        "debug": "^4.1.1",
+        "@humanwhocodes/object-schema": "^2.0.2",
+        "debug": "^4.3.1",
         "minimatch": "^3.0.5"
       },
       "engines": {
@@ -839,9 +839,9 @@
       }
     },
     "node_modules/@humanwhocodes/object-schema": {
-      "version": "2.0.1",
-      "resolved": "https://registry.npmjs.org/@humanwhocodes/object-schema/-/object-schema-2.0.1.tgz",
-      "integrity": "sha512-dvuCeX5fC9dXgJn9t+X5atfmgQAzUOWqS1254Gh0m6i8wKd10ebXkfNKiRK+1GWi/yTvvLDHpoxLr0xxxeslWw==",
+      "version": "2.0.2",
+      "resolved": "https://registry.npmjs.org/@humanwhocodes/object-schema/-/object-schema-2.0.2.tgz",
+      "integrity": "sha512-6EwiSjwWYP7pTckG6I5eyFANjPhmPjUX9JRLUSfNPC7FX7zK9gyZAfUEaECL6ALTpGX5AjnBq3C9XmVWPitNpw==",
       "dev": true
     },
     "node_modules/@istanbuljs/load-nyc-config": {
@@ -2691,16 +2691,16 @@
       }
     },
     "node_modules/eslint": {
-      "version": "8.56.0",
-      "resolved": "https://registry.npmjs.org/eslint/-/eslint-8.56.0.tgz",
-      "integrity": "sha512-Go19xM6T9puCOWntie1/P997aXxFsOi37JIHRWI514Hc6ZnaHGKY9xFhrU65RT6CcBEzZoGG1e6Nq+DT04ZtZQ==",
+      "version": "8.57.0",
+      "resolved": "https://registry.npmjs.org/eslint/-/eslint-8.57.0.tgz",
+      "integrity": "sha512-dZ6+mexnaTIbSBZWgou51U6OmzIhYM2VcNdtiTtI7qPNZm35Akpr0f6vtw3w1Kmn5PYo+tZVfh13WrhpS6oLqQ==",
       "dev": true,
       "dependencies": {
         "@eslint-community/eslint-utils": "^4.2.0",
         "@eslint-community/regexpp": "^4.6.1",
         "@eslint/eslintrc": "^2.1.4",
-        "@eslint/js": "8.56.0",
-        "@humanwhocodes/config-array": "^0.11.13",
+        "@eslint/js": "8.57.0",
+        "@humanwhocodes/config-array": "^0.11.14",
         "@humanwhocodes/module-importer": "^1.0.1",
         "@nodelib/fs.walk": "^1.2.8",
         "@ungap/structured-clone": "^1.2.0",
@@ -5103,9 +5103,9 @@
       }
     },
     "node_modules/typescript": {
-      "version": "5.3.3",
-      "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.3.3.tgz",
-      "integrity": "sha512-pXWcraxM0uxAS+tN0AG/BF2TyqmHO014Z070UsJ+pFvYuRSq8KH8DmWpnbXe0pEPDHXZV3FcAbJkijJ5oNEnWw==",
+      "version": "5.4.3",
+      "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.4.3.tgz",
+      "integrity": "sha512-KrPd3PKaCLr78MalgiwJnA25Nm8HAmdwN3mYUYZgG/wizIo9EainNVQI9/yDavtVFRN2h3k8uf3GLHuhDMgEHg==",
       "dev": true,
       "bin": {
         "tsc": "bin/tsc",
@@ -5116,9 +5116,9 @@
       }
     },
     "node_modules/undici": {
-      "version": "5.28.2",
-      "resolved": "https://registry.npmjs.org/undici/-/undici-5.28.2.tgz",
-      "integrity": "sha512-wh1pHJHnUeQV5Xa8/kyQhO7WFa8M34l026L5P/+2TYiakvGy5Rdc8jWZVyG7ieht/0WgJLEd3kcU5gKx+6GC8w==",
+      "version": "5.28.3",
+      "resolved": "https://registry.npmjs.org/undici/-/undici-5.28.3.tgz",
+      "integrity": "sha512-3ItfzbrhDlINjaP0duwnNsKpDQk3acHI3gVJ1z4fmwMK31k5G9OVIAMLSIaP6w4FaGkaAkN6zaQO9LUvZ1t7VA==",
       "dependencies": {
         "@fastify/busboy": "^2.0.0"
       },
@@ -5915,9 +5915,9 @@
       }
     },
     "@eslint/js": {
-      "version": "8.56.0",
-      "resolved": "https://registry.npmjs.org/@eslint/js/-/js-8.56.0.tgz",
-      "integrity": "sha512-gMsVel9D7f2HLkBma9VbtzZRehRogVRfbr++f06nL2vnCGCNlzOD+/MUov/F4p8myyAHspEhVobgjpX64q5m6A==",
+      "version": "8.57.0",
+      "resolved": "https://registry.npmjs.org/@eslint/js/-/js-8.57.0.tgz",
+      "integrity": "sha512-Ys+3g2TaW7gADOJzPt83SJtCDhMjndcDMFVQ/Tj9iA1BfJzFKD9mAUXT3OenpuPHbI6P/myECxRJrofUsDx/5g==",
       "dev": true
     },
     "@fastify/busboy": {
@@ -5926,13 +5926,13 @@
       "integrity": "sha512-JUFJad5lv7jxj926GPgymrWQxxjPYuJNiNjNMzqT+HiuP6Vl3dk5xzG+8sTX96np0ZAluvaMzPsjhHZ5rNuNQQ=="
     },
     "@humanwhocodes/config-array": {
-      "version": "0.11.13",
-      "resolved": "https://registry.npmjs.org/@humanwhocodes/config-array/-/config-array-0.11.13.tgz",
-      "integrity": "sha512-JSBDMiDKSzQVngfRjOdFXgFfklaXI4K9nLF49Auh21lmBWRLIK3+xTErTWD4KU54pb6coM6ESE7Awz/FNU3zgQ==",
+      "version": "0.11.14",
+      "resolved": "https://registry.npmjs.org/@humanwhocodes/config-array/-/config-array-0.11.14.tgz",
+      "integrity": "sha512-3T8LkOmg45BV5FICb15QQMsyUSWrQ8AygVfC7ZG32zOalnqrilm018ZVCw0eapXux8FtA33q8PSRSstjee3jSg==",
       "dev": true,
       "requires": {
-        "@humanwhocodes/object-schema": "^2.0.1",
-        "debug": "^4.1.1",
+        "@humanwhocodes/object-schema": "^2.0.2",
+        "debug": "^4.3.1",
         "minimatch": "^3.0.5"
       }
     },
@@ -5943,9 +5943,9 @@
       "dev": true
     },
     "@humanwhocodes/object-schema": {
-      "version": "2.0.1",
-      "resolved": "https://registry.npmjs.org/@humanwhocodes/object-schema/-/object-schema-2.0.1.tgz",
-      "integrity": "sha512-dvuCeX5fC9dXgJn9t+X5atfmgQAzUOWqS1254Gh0m6i8wKd10ebXkfNKiRK+1GWi/yTvvLDHpoxLr0xxxeslWw==",
+      "version": "2.0.2",
+      "resolved": "https://registry.npmjs.org/@humanwhocodes/object-schema/-/object-schema-2.0.2.tgz",
+      "integrity": "sha512-6EwiSjwWYP7pTckG6I5eyFANjPhmPjUX9JRLUSfNPC7FX7zK9gyZAfUEaECL6ALTpGX5AjnBq3C9XmVWPitNpw==",
       "dev": true
     },
     "@istanbuljs/load-nyc-config": {
@@ -7292,16 +7292,16 @@
       "dev": true
     },
     "eslint": {
-      "version": "8.56.0",
-      "resolved": "https://registry.npmjs.org/eslint/-/eslint-8.56.0.tgz",
-      "integrity": "sha512-Go19xM6T9puCOWntie1/P997aXxFsOi37JIHRWI514Hc6ZnaHGKY9xFhrU65RT6CcBEzZoGG1e6Nq+DT04ZtZQ==",
+      "version": "8.57.0",
+      "resolved": "https://registry.npmjs.org/eslint/-/eslint-8.57.0.tgz",
+      "integrity": "sha512-dZ6+mexnaTIbSBZWgou51U6OmzIhYM2VcNdtiTtI7qPNZm35Akpr0f6vtw3w1Kmn5PYo+tZVfh13WrhpS6oLqQ==",
       "dev": true,
       "requires": {
         "@eslint-community/eslint-utils": "^4.2.0",
         "@eslint-community/regexpp": "^4.6.1",
         "@eslint/eslintrc": "^2.1.4",
-        "@eslint/js": "8.56.0",
-        "@humanwhocodes/config-array": "^0.11.13",
+        "@eslint/js": "8.57.0",
+        "@humanwhocodes/config-array": "^0.11.14",
         "@humanwhocodes/module-importer": "^1.0.1",
         "@nodelib/fs.walk": "^1.2.8",
         "@ungap/structured-clone": "^1.2.0",
@@ -9047,15 +9047,15 @@
       "dev": true
     },
     "typescript": {
-      "version": "5.3.3",
-      "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.3.3.tgz",
-      "integrity": "sha512-pXWcraxM0uxAS+tN0AG/BF2TyqmHO014Z070UsJ+pFvYuRSq8KH8DmWpnbXe0pEPDHXZV3FcAbJkijJ5oNEnWw==",
+      "version": "5.4.3",
+      "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.4.3.tgz",
+      "integrity": "sha512-KrPd3PKaCLr78MalgiwJnA25Nm8HAmdwN3mYUYZgG/wizIo9EainNVQI9/yDavtVFRN2h3k8uf3GLHuhDMgEHg==",
       "dev": true
     },
     "undici": {
-      "version": "5.28.2",
-      "resolved": "https://registry.npmjs.org/undici/-/undici-5.28.2.tgz",
-      "integrity": "sha512-wh1pHJHnUeQV5Xa8/kyQhO7WFa8M34l026L5P/+2TYiakvGy5Rdc8jWZVyG7ieht/0WgJLEd3kcU5gKx+6GC8w==",
+      "version": "5.28.3",
+      "resolved": "https://registry.npmjs.org/undici/-/undici-5.28.3.tgz",
+      "integrity": "sha512-3ItfzbrhDlINjaP0duwnNsKpDQk3acHI3gVJ1z4fmwMK31k5G9OVIAMLSIaP6w4FaGkaAkN6zaQO9LUvZ1t7VA==",
       "requires": {
         "@fastify/busboy": "^2.0.0"
       }

package.json

@@ -1,6 +1,6 @@
 {
   "name": "codecov-action",
-  "version": "4.0.2",
+  "version": "4.1.1",
   "description": "Upload coverage reports to Codecov from GitHub Actions",
   "main": "index.js",
   "scripts": {
@@ -27,18 +27,18 @@
     "@actions/exec": "^1.1.1",
     "@actions/github": "^6.0.0",
     "gpg": "^0.6.0",
-    "undici": "5.28.2"
+    "undici": "5.28.3"
   },
   "devDependencies": {
     "@types/jest": "^29.5.12",
     "@typescript-eslint/eslint-plugin": "^7.0.0",
     "@typescript-eslint/parser": "^6.21.0",
     "@vercel/ncc": "^0.38.1",
-    "eslint": "^8.56.0",
+    "eslint": "^8.57.0",
     "eslint-config-google": "^0.14.0",
     "jest": "^29.7.0",
     "jest-junit": "^16.0.0",
     "ts-jest": "^29.1.2",
-    "typescript": "^5.3.3"
+    "typescript": "^5.4.3"
   }
 }

src/buildExec.test.ts

@@ -38,7 +38,10 @@ test('general args', () => {
 
 
 test('upload args using context', () => {
-  const expectedArgs = [];
+  const expectedArgs = [
+    '--git-service',
+    'github',
+  ];
   const {uploadExecArgs, uploadCommand} = buildUploadExec();
   if (context.eventName == 'pull_request') {
     expectedArgs.push('-C', `${context.payload.pull_request.head.sha}`);
@@ -65,6 +68,7 @@ test('upload args', () => {
     'file': 'coverage.xml',
     'files': 'dir1/coverage.xml,dir2/coverage.xml',
     'flags': 'test,test2',
+    'git_service': 'github_enterprise',
     'handle_no_reports_found': 'true',
     'job_code': '32',
     'name': 'codecov',
@@ -110,6 +114,8 @@ test('upload args', () => {
     'test',
     '-F',
     'test2',
+    '--git-service',
+    'github_enterprise',
     '--handle-no-reports-found',
     '--job-code',
     '32',
@@ -152,6 +158,7 @@ test('upload args', () => {
 
 test('report args', () => {
   const envs = {
+    git_service: 'github_enterprise',
     override_commit: '9caabca5474b49de74ef5667deabaf74cdacc244',
     override_pr: 'fakePR',
     slug: 'fakeOwner/fakeRepo',
@@ -165,6 +172,8 @@ test('report args', () => {
   const {reportExecArgs, reportCommand} = buildReportExec();
 
   const expectedArgs = [
+    '--git-service',
+    'github_enterprise',
     '-C',
     '9caabca5474b49de74ef5667deabaf74cdacc244',
     '-P',
@@ -189,7 +198,10 @@ test('report args using context', () => {
   for (const env of Object.keys(envs)) {
     process.env['INPUT_' + env.toUpperCase()] = envs[env];
   }
-  const expectedArgs : string[] = [];
+  const expectedArgs : string[] = [
+    '--git-service',
+    'github',
+  ];
   if (context.eventName == 'pull_request') {
     expectedArgs.push('-C', `${context.payload.pull_request.head.sha}`);
   }
@@ -206,6 +218,7 @@ test('report args using context', () => {
 
 test('commit args', () => {
   const envs = {
+    git_service: 'github_enterprise',
     commit_parent: '83231650328f11695dfb754ca0f540516f188d27',
     override_branch: 'thomasrockhu/test',
     override_commit: '9caabca5474b49de74ef5667deabaf74cdacc244',
@@ -222,6 +235,8 @@ test('commit args', () => {
   const expectedArgs = [
     '--parent-sha',
     '83231650328f11695dfb754ca0f540516f188d27',
+    '--git-service',
+    'github_enterprise',
     '-B',
     'thomasrockhu/test',
     '-C',
@@ -241,7 +256,10 @@ test('commit args', () => {
 });
 
 test('commit args using context', () => {
-  const expectedArgs :string[] = [];
+  const expectedArgs :string[] = [
+    '--git-service',
+    'github',
+  ];
 
   const {commitExecArgs, commitCommand} = buildCommitExec();
   if (context.eventName == 'pull_request') {

src/buildExec.ts

@@ -20,6 +20,7 @@ const isTrue = (variable) => {
 
 const buildCommitExec = () => {
   const commitParent = core.getInput('commit_parent');
+  const gitService = core.getInput('git_service');
   const overrideBranch = core.getInput('override_branch');
   const overrideCommit = core.getInput('override_commit');
   const overridePr = core.getInput('override_pr');
@@ -48,6 +49,7 @@ const buildCommitExec = () => {
   if (commitParent) {
     commitExecArgs.push('--parent-sha', `${commitParent}`);
   }
+  commitExecArgs.push('--git-service', `${gitService ? gitService : 'github'}`);
 
   if (overrideBranch) {
     commitExecArgs.push('-B', `${overrideBranch}`);
@@ -100,6 +102,7 @@ const buildGeneralExec = () => {
 };
 
 const buildReportExec = () => {
+  const gitService = core.getInput('git_service');
   const overrideCommit = core.getInput('override_commit');
   const overridePr = core.getInput('override_pr');
   const slug = core.getInput('slug');
@@ -125,6 +128,8 @@ const buildReportExec = () => {
   if (token) {
     reportOptions.env.CODECOV_TOKEN = token;
   }
+  reportExecArgs.push('--git-service', `${gitService ? gitService : 'github'}`);
+
   if (overrideCommit) {
     reportExecArgs.push('-C', `${overrideCommit}`);
   } else if (
@@ -155,6 +160,7 @@ const buildReportExec = () => {
 
 const buildUploadExec = () => {
   const disableFileFixes = isTrue(core.getInput('disable_file_fixes'));
+  const disableSafeDirectory = isTrue(core.getInput('disable_safe_directory'));
   const disableSearch = isTrue(core.getInput('disable_search'));
   const dryRun = isTrue(core.getInput('dry_run'));
   const envVars = core.getInput('env_vars');
@@ -163,6 +169,7 @@ const buildUploadExec = () => {
   const file = core.getInput('file');
   const files = core.getInput('files');
   const flags = core.getInput('flags');
+  const gitService = core.getInput('git_service');
   const handleNoReportsFound = isTrue(core.getInput('handle_no_reports_found'));
   const jobCode = core.getInput('job_code');
   const name = core.getInput('name');
@@ -239,6 +246,7 @@ const buildUploadExec = () => {
       uploadExecArgs.push('-F', `${f}`);
     });
   }
+  uploadExecArgs.push('--git-service', `${gitService ? gitService : 'github'}`);
   if (handleNoReportsFound) {
     uploadExecArgs.push('--handle-no-reports-found');
   }
@@ -305,6 +313,7 @@ const buildUploadExec = () => {
   return {
     uploadExecArgs,
     uploadOptions,
+    disableSafeDirectory,
     failCi,
     os,
     uploaderVersion,

src/helpers.test.ts

@@ -1,10 +1,13 @@
+import * as exec from '@actions/exec';
+
 import {
+  PLATFORMS,
   getBaseUrl,
+  getCommand,
   getPlatform,
   isValidPlatform,
   isWindows,
-  PLATFORMS,
-  getCommand,
+  setSafeDirectory,
 } from './helpers';
 
 let OLDOS = process.env.RUNNER_OS;
@@ -78,3 +81,16 @@ test('getCommand', () => {
   expect(getCommand('path', ['-v', '-x'], 'do-upload'))
       .toEqual(['path', '-v', '-x', 'do-upload']);
 });
+
+test('setSafeDirectory', async () => {
+  process.env.GITHUB_WORKSPACE = 'testOrg/testRepo';
+  await setSafeDirectory();
+  const testSafeDirectory = ([
+    'git',
+    'config',
+    '--get',
+    'safe.directory',
+  ]).join(' ');
+  const safeDirectory = await exec.getExecOutput(testSafeDirectory);
+  expect(safeDirectory.stdout).toBe('testOrg/testRepo\n');
+});

src/helpers.ts

@@ -1,4 +1,5 @@
 import * as core from '@actions/core';
+import * as exec from '@actions/exec';
 
 const PLATFORMS = [
   'linux',
@@ -64,6 +65,19 @@ const getCommand = (
   return fullCommand;
 };
 
+const setSafeDirectory = async () => {
+  const command = ([
+    'git',
+    'config',
+    '--global',
+    '--add',
+    'safe.directory',
+    `${process.env['GITHUB_WORKSPACE']}`,
+  ].join(' '));
+  core.info(`==> Running ${command}`);
+  await exec.exec(command);
+};
+
 export {
   PLATFORMS,
   getBaseUrl,
@@ -72,5 +86,6 @@ export {
   isValidPlatform,
   isWindows,
   setFailure,
+  setSafeDirectory,
   getCommand,
 };

src/index.ts

@@ -12,10 +12,11 @@ import {
 } from './buildExec';
 import {
   getBaseUrl,
+  getCommand,
   getPlatform,
   getUploaderName,
   setFailure,
-  getCommand,
+  setSafeDirectory,
 } from './helpers';
 
 import verify from './validate';
@@ -29,6 +30,7 @@ try {
   const {
     uploadExecArgs,
     uploadOptions,
+    disableSafeDirectory,
     failCi,
     os,
     uploaderVersion,
@@ -55,6 +57,9 @@ try {
           await verify(filename, platform, uploaderVersion, verbose, failCi);
           await versionInfo(platform, uploaderVersion);
           await fs.chmodSync(filename, '777');
+          if (!disableSafeDirectory) {
+            await setSafeDirectory();
+          }
 
           const unlink = () => {
             fs.unlink(filename, (err) => {

src/version.ts

@@ -3,14 +3,12 @@ import {request} from 'undici';
 
 const versionInfo = async (
     platform: string,
-    version?: string,
+    version: string,
 ): Promise<void> => {
-  if (version) {
   core.info(`==> Running version ${version}`);
-  }
 
   try {
-    const metadataRes = await request(`https://cli.codecov.io/${platform}/latest`, {
+    const metadataRes = await request(`https://cli.codecov.io/${platform}/${version}`, {
       headers: {'Accept': 'application/json'},
     });
     const metadata = await metadataRes.body.json();