mirror of
https://github.com/codecov/codecov-action.git
synced 2026-04-17 19:52:36 +08:00
Compare commits
4 Commits
th/release
...
v5.4.1-bet
| Author | SHA1 | Date | |
|---|---|---|---|
|
a332ebc466 | ||
|
f95a404f92 | ||
|
|
ea99328d1c | ||
|
|
13d0469d01 |
6
.github/workflows/codeql-analysis.yml
vendored
6
.github/workflows/codeql-analysis.yml
vendored
@@ -41,7 +41,7 @@ jobs:
|
|||||||
|
|
||||||
# Initializes the CodeQL tools for scanning.
|
# Initializes the CodeQL tools for scanning.
|
||||||
- name: Initialize CodeQL
|
- name: Initialize CodeQL
|
||||||
uses: github/codeql-action/init@v3.28.11
|
uses: github/codeql-action/init@v3.28.13
|
||||||
with:
|
with:
|
||||||
languages: ${{ matrix.language }}
|
languages: ${{ matrix.language }}
|
||||||
# If you wish to specify custom queries, you can do so here or in a config file.
|
# If you wish to specify custom queries, you can do so here or in a config file.
|
||||||
@@ -52,7 +52,7 @@ jobs:
|
|||||||
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
|
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
|
||||||
# If this step fails, then you should remove it and run the build manually (see below)
|
# If this step fails, then you should remove it and run the build manually (see below)
|
||||||
- name: Autobuild
|
- name: Autobuild
|
||||||
uses: github/codeql-action/autobuild@v3.28.11
|
uses: github/codeql-action/autobuild@v3.28.13
|
||||||
|
|
||||||
# ℹ️ Command-line programs to run using the OS shell.
|
# ℹ️ Command-line programs to run using the OS shell.
|
||||||
# 📚 https://git.io/JvXDl
|
# 📚 https://git.io/JvXDl
|
||||||
@@ -66,4 +66,4 @@ jobs:
|
|||||||
# make release
|
# make release
|
||||||
|
|
||||||
- name: Perform CodeQL Analysis
|
- name: Perform CodeQL Analysis
|
||||||
uses: github/codeql-action/analyze@v3.28.11
|
uses: github/codeql-action/analyze@v3.28.13
|
||||||
|
|||||||
4
.github/workflows/scorecards-analysis.yml
vendored
4
.github/workflows/scorecards-analysis.yml
vendored
@@ -49,7 +49,7 @@ jobs:
|
|||||||
# Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
|
# Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
|
||||||
# format to the repository Actions tab.
|
# format to the repository Actions tab.
|
||||||
- name: "Upload artifact"
|
- name: "Upload artifact"
|
||||||
uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1
|
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
|
||||||
with:
|
with:
|
||||||
name: SARIF file
|
name: SARIF file
|
||||||
path: results.sarif
|
path: results.sarif
|
||||||
@@ -57,6 +57,6 @@ jobs:
|
|||||||
|
|
||||||
# Upload the results to GitHub's code scanning dashboard.
|
# Upload the results to GitHub's code scanning dashboard.
|
||||||
- name: "Upload to code-scanning"
|
- name: "Upload to code-scanning"
|
||||||
uses: github/codeql-action/upload-sarif@v3.28.11 # v1.0.26
|
uses: github/codeql-action/upload-sarif@v3.28.13 # v1.0.26
|
||||||
with:
|
with:
|
||||||
sarif_file: results.sarif
|
sarif_file: results.sarif
|
||||||
|
|||||||
10
CHANGELOG.md
10
CHANGELOG.md
@@ -1,13 +1,3 @@
|
|||||||
## v5.5.0
|
|
||||||
|
|
||||||
### What's Changed
|
|
||||||
* chore(release): wrapper -0.2.1 by @app/codecov-releaser-app in https://github.com/codecov/codecov-action/pull/1788
|
|
||||||
* build(deps): bump github/codeql-action from 3.28.10 to 3.28.11 by @app/dependabot in https://github.com/codecov/codecov-action/pull/1786
|
|
||||||
|
|
||||||
|
|
||||||
**Full Changelog**: https://github.com/codecov/codecov-action/compare/v5.4.0..v5.5.0
|
|
||||||
|
|
||||||
|
|
||||||
## v5.4.0
|
## v5.4.0
|
||||||
|
|
||||||
### What's Changed
|
### What's Changed
|
||||||
|
|||||||
16
action.yml
16
action.yml
@@ -202,16 +202,23 @@ runs:
|
|||||||
GITHUB_EVENT_PULL_REQUEST_HEAD_REPO_FULL_NAME: ${{ github.event.pull_request.head.repo.full_name }}
|
GITHUB_EVENT_PULL_REQUEST_HEAD_REPO_FULL_NAME: ${{ github.event.pull_request.head.repo.full_name }}
|
||||||
GITHUB_REPOSITORY: ${{ github.repository }}
|
GITHUB_REPOSITORY: ${{ github.repository }}
|
||||||
|
|
||||||
|
- name: Get OIDC token
|
||||||
|
if: ${{ inputs.use_oidc }}
|
||||||
|
uses: actions/github-script@v7
|
||||||
|
id: oidc
|
||||||
|
with:
|
||||||
|
script: |
|
||||||
|
const id_token = await core.getIDToken(process.env.CC_OIDC_AUDIENCE)
|
||||||
|
return id_token
|
||||||
|
env:
|
||||||
|
CC_OIDC_AUDIENCE: ${{ inputs.url || 'https://codecov.io' }}
|
||||||
|
|
||||||
- name: Get and set token
|
- name: Get and set token
|
||||||
shell: bash
|
shell: bash
|
||||||
run: |
|
run: |
|
||||||
if [ "${{ inputs.use_oidc }}" == 'true' ] && [ "$CC_FORK" != 'true' ];
|
if [ "${{ inputs.use_oidc }}" == 'true' ] && [ "$CC_FORK" != 'true' ];
|
||||||
then
|
then
|
||||||
# {"count":1984,"value":"***"}
|
echo "CC_TOKEN=$CC_OIDC_TOKEN" >> "$GITHUB_ENV"
|
||||||
echo -e "\033[0;32m==>\033[0m Requesting OIDC token from '$ACTIONS_ID_TOKEN_REQUEST_URL'"
|
|
||||||
CC_TOKEN=$(curl -H "Authorization: bearer $ACTIONS_ID_TOKEN_REQUEST_TOKEN" "$ACTIONS_ID_TOKEN_REQUEST_URL&audience=$CC_OIDC_AUDIENCE" | cut -d\" -f6)
|
|
||||||
echo "CC_TOKEN=$CC_TOKEN" >> "$GITHUB_ENV"
|
|
||||||
elif [ -n "${{ env.CODECOV_TOKEN }}" ];
|
elif [ -n "${{ env.CODECOV_TOKEN }}" ];
|
||||||
then
|
then
|
||||||
echo -e "\033[0;32m==>\033[0m Token set from env"
|
echo -e "\033[0;32m==>\033[0m Token set from env"
|
||||||
@@ -225,6 +232,7 @@ runs:
|
|||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
env:
|
env:
|
||||||
|
CC_OIDC_TOKEN: ${{ steps.oidc.outputs.result }}
|
||||||
CC_OIDC_AUDIENCE: ${{ inputs.url || 'https://codecov.io' }}
|
CC_OIDC_AUDIENCE: ${{ inputs.url || 'https://codecov.io' }}
|
||||||
|
|
||||||
- name: Override branch for forks
|
- name: Override branch for forks
|
||||||
|
|||||||
@@ -1 +1 @@
|
|||||||
5.5.0
|
5.4.0
|
||||||
|
|||||||
Reference in New Issue
Block a user