Bump codecov/codecov-action from 3.1.3 to 4.5.0 #236
Conversation
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=60&v=4){kind=small}
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 3.1.3 to 4.5.0. - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](codecov/codecov-action@v3.1.3...v4.5.0) --- updated-dependencies: - dependency-name: codecov/codecov-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
|
i think codecov-action 4 needs an explicit token in the secrets 🤔 |
|
Let's merge for now. |
|
nope, we need to set the secrets, otherwise the upload will fail 
|
|
Fine, I guess this is something @kklein has to take a look at. Thanks. |
|
you can find the token at https://app.codecov.io/gh/quantco/datajudge/settings and should set it both as an actions secret and a dependabot secret |
|
I added both and afaict we still obtain the same error. :/ |
Did you also add it as a Dependabot secret? ;) |
|
Afaict yes: |
|
|
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #236 +/- ##
==========================================
+ Coverage 91.63% 93.35% +1.71%
==========================================
Files 18 18
Lines 1985 1985
==========================================
+ Hits 1819 1853 +34
+ Misses 166 132 -34 ☔ View full report in Codecov by Sentry. |
Not sure if codecov is just being flaky or if this is an actual issue |
I wouldn't worry too much about this until we have merged this PR to |
|
HEAD having 21 should be fine. BASE having 51 seems like an irregularity with codecov 3 also this seems odd
but i agree that we should just merge and check if the issue occurs in follow-up PRs |
pavelzw
deleted the
dependabot/github_actions/codecov/codecov-action-4.5.0
branch
Bumps codecov/codecov-action from 3.1.3 to 4.5.0.
Release notes
Sourced from codecov/codecov-action's releases.
... (truncated)
Changelog
Sourced from codecov/codecov-action's changelog.
Commits
e28ff12chore(release): bump to 4.5.0 (#1477)7594baaUse an existing token even if the PR is from a fork (#1471)81c0a51feat: add support for tokenless v3 (#1410)f5e203fbuild(deps-dev): bump@typescript-eslint/eslint-pluginfrom 7.12.0 to 7.13.0 ...7c48363build(deps-dev): bump braces from 3.0.2 to 3.0.3 (#1475)69e5d09build(deps-dev): bump@typescript-eslint/parserfrom 7.12.0 to 7.13.0 (#1474)feaf700fix: handle trailing commas (#1470)7b6a727build(deps): bump github/codeql-action from 3.25.7 to 3.25.8 (#1472)ccf7a1fbuild(deps-dev): bump@typescript-eslint/eslint-pluginfrom 7.11.0 to 7.12.0 ...f03f015build(deps-dev): bump@typescript-eslint/parserfrom 7.11.0 to 7.12.0 (#1467)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)