chore(release): 4.1.1 (#1344)

Signed-off-by: Martin Kröning <martin.kroening@eonerc.rwth-aachen.de>

.github/workflows/codeql-analysis.yml

@@ -37,11 +37,11 @@ jobs:
 
     steps:
     - name: Checkout repository
-      uses: actions/checkout@v4.1.1
+      uses: actions/checkout@v4.1.2
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@v3.24.5
+      uses: github/codeql-action/init@v3.24.9
       with:
         languages: ${{ matrix.language }}
         # If you wish to specify custom queries, you can do so here or in a config file.
@@ -52,7 +52,7 @@ jobs:
     # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
     # If this step fails, then you should remove it and run the build manually (see below)
     - name: Autobuild
-      uses: github/codeql-action/autobuild@v3.24.5
+      uses: github/codeql-action/autobuild@v3.24.9
 
     # ℹ️ Command-line programs to run using the OS shell.
     # 📚 https://git.io/JvXDl
@@ -66,4 +66,4 @@ jobs:
     #   make release
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v3.24.5
+      uses: github/codeql-action/analyze@v3.24.9

.github/workflows/main.yml

@@ -8,7 +8,7 @@ jobs:
         os: [macos-latest, windows-latest, ubuntu-latest, macos-latest-xlarge]
     steps:
       - name: Checkout
-        uses: actions/checkout@v4.1.1
+        uses: actions/checkout@v4.1.2
       - name: Install dependencies
         run: npm install
       - name: Lint
@@ -48,7 +48,7 @@ jobs:
     container: node:18
     steps:
       - name: Checkout
-        uses: actions/checkout@v4.1.1
+        uses: actions/checkout@v4.1.2
       - name: Install dependencies
         run: npm install
       - name: Lint

.github/workflows/scorecards-analysis.yml

@@ -24,7 +24,7 @@ jobs:
     
     steps:
       - name: "Checkout code"
-        uses: actions/checkout@v4.1.1 # v3.0.0
+        uses: actions/checkout@v4.1.2 # v3.0.0
         with:
           persist-credentials: false
 
@@ -56,6 +56,6 @@ jobs:
       
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@v3.24.5 # v1.0.26
+        uses: github/codeql-action/upload-sarif@v3.24.9 # v1.0.26
         with:
           sarif_file: results.sarif

README.md

@@ -95,7 +95,7 @@ Codecov's Action supports inputs from the user. These inputs, along with their d
 | `plugin` | plugins to run. Options: xcode, gcov, pycoverage. The default behavior runs them all. | Optional 
 | `plugins` | Comma-separated list of plugins for use during upload. | Optional 
 | `report_code` | The code of the report. If unsure, do not include | Optional 
-| `root_dir` | Used when not in git/hg project to identify project root directory | Optional 
+| `root_dir` | Used to specify the location of your   .git   root to identify project root directory | Optional 
 | `slug` | Specify the slug manually (Enterprise use) | Optional 
 | `url` | Specify the base url to upload (Enterprise use) | Optional 
 | `use_legacy_upload_endpoint` | Use the legacy upload endpoint | Optional 

dist/index.js

@@ -21064,6 +21064,9 @@ function httpRedirectFetch (fetchParams, response) {
     // https://fetch.spec.whatwg.org/#cors-non-wildcard-request-header-name
     request.headersList.delete('authorization')
 
+    // https://fetch.spec.whatwg.org/#authentication-entries
+    request.headersList.delete('proxy-authorization', true)
+
     // "Cookie" and "Host" are forbidden request-headers, which undici doesn't implement.
     request.headersList.delete('cookie')
     request.headersList.delete('host')
@@ -32379,7 +32382,7 @@ const buildReportExec = () => {
 };
 const buildUploadExec = () => {
     const disableFileFixes = isTrue(core.getInput('disable_file_fixes'));
-    const disableSafeDirectory = isTrue(core.getInput('diable_safe_directory'));
+    const disableSafeDirectory = isTrue(core.getInput('disable_safe_directory'));
     const disableSearch = isTrue(core.getInput('disable_search'));
     const dryRun = isTrue(core.getInput('dry_run'));
     const envVars = core.getInput('env_vars');
@@ -32718,11 +32721,9 @@ var version_awaiter = (undefined && undefined.__awaiter) || function (thisArg, _
 
 
 const versionInfo = (platform, version) => version_awaiter(void 0, void 0, void 0, function* () {
-    if (version) {
-        core.info(`==> Running version ${version}`);
-    }
+    core.info(`==> Running version ${version}`);
     try {
-        const metadataRes = yield (0,undici.request)(`https://cli.codecov.io/${platform}/latest`, {
+        const metadataRes = yield (0,undici.request)(`https://cli.codecov.io/${platform}/${version}`, {
             headers: { 'Accept': 'application/json' },
         });
         const metadata = yield metadataRes.body.json();

package-lock.json

@@ -1,19 +1,19 @@
 {
   "name": "codecov-action",
-  "version": "4.1.0",
+  "version": "4.1.1",
   "lockfileVersion": 2,
   "requires": true,
   "packages": {
     "": {
       "name": "codecov-action",
-      "version": "4.1.0",
+      "version": "4.1.1",
       "license": "MIT",
       "dependencies": {
         "@actions/core": "^1.10.1",
         "@actions/exec": "^1.1.1",
         "@actions/github": "^6.0.0",
         "gpg": "^0.6.0",
-        "undici": "5.28.2"
+        "undici": "5.28.3"
       },
       "devDependencies": {
         "@types/jest": "^29.5.12",
@@ -25,7 +25,7 @@
         "jest": "^29.7.0",
         "jest-junit": "^16.0.0",
         "ts-jest": "^29.1.2",
-        "typescript": "^5.3.3"
+        "typescript": "^5.4.3"
       }
     },
     "node_modules/@aashutoshrathi/word-wrap": {
@@ -5103,9 +5103,9 @@
       }
     },
     "node_modules/typescript": {
-      "version": "5.3.3",
-      "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.3.3.tgz",
-      "integrity": "sha512-pXWcraxM0uxAS+tN0AG/BF2TyqmHO014Z070UsJ+pFvYuRSq8KH8DmWpnbXe0pEPDHXZV3FcAbJkijJ5oNEnWw==",
+      "version": "5.4.3",
+      "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.4.3.tgz",
+      "integrity": "sha512-KrPd3PKaCLr78MalgiwJnA25Nm8HAmdwN3mYUYZgG/wizIo9EainNVQI9/yDavtVFRN2h3k8uf3GLHuhDMgEHg==",
       "dev": true,
       "bin": {
         "tsc": "bin/tsc",
@@ -5116,9 +5116,9 @@
       }
     },
     "node_modules/undici": {
-      "version": "5.28.2",
-      "resolved": "https://registry.npmjs.org/undici/-/undici-5.28.2.tgz",
-      "integrity": "sha512-wh1pHJHnUeQV5Xa8/kyQhO7WFa8M34l026L5P/+2TYiakvGy5Rdc8jWZVyG7ieht/0WgJLEd3kcU5gKx+6GC8w==",
+      "version": "5.28.3",
+      "resolved": "https://registry.npmjs.org/undici/-/undici-5.28.3.tgz",
+      "integrity": "sha512-3ItfzbrhDlINjaP0duwnNsKpDQk3acHI3gVJ1z4fmwMK31k5G9OVIAMLSIaP6w4FaGkaAkN6zaQO9LUvZ1t7VA==",
       "dependencies": {
         "@fastify/busboy": "^2.0.0"
       },
@@ -9047,15 +9047,15 @@
       "dev": true
     },
     "typescript": {
-      "version": "5.3.3",
-      "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.3.3.tgz",
-      "integrity": "sha512-pXWcraxM0uxAS+tN0AG/BF2TyqmHO014Z070UsJ+pFvYuRSq8KH8DmWpnbXe0pEPDHXZV3FcAbJkijJ5oNEnWw==",
+      "version": "5.4.3",
+      "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.4.3.tgz",
+      "integrity": "sha512-KrPd3PKaCLr78MalgiwJnA25Nm8HAmdwN3mYUYZgG/wizIo9EainNVQI9/yDavtVFRN2h3k8uf3GLHuhDMgEHg==",
       "dev": true
     },
     "undici": {
-      "version": "5.28.2",
-      "resolved": "https://registry.npmjs.org/undici/-/undici-5.28.2.tgz",
-      "integrity": "sha512-wh1pHJHnUeQV5Xa8/kyQhO7WFa8M34l026L5P/+2TYiakvGy5Rdc8jWZVyG7ieht/0WgJLEd3kcU5gKx+6GC8w==",
+      "version": "5.28.3",
+      "resolved": "https://registry.npmjs.org/undici/-/undici-5.28.3.tgz",
+      "integrity": "sha512-3ItfzbrhDlINjaP0duwnNsKpDQk3acHI3gVJ1z4fmwMK31k5G9OVIAMLSIaP6w4FaGkaAkN6zaQO9LUvZ1t7VA==",
       "requires": {
         "@fastify/busboy": "^2.0.0"
       }

package.json

@@ -1,6 +1,6 @@
 {
   "name": "codecov-action",
-  "version": "4.1.0",
+  "version": "4.1.1",
   "description": "Upload coverage reports to Codecov from GitHub Actions",
   "main": "index.js",
   "scripts": {
@@ -27,7 +27,7 @@
     "@actions/exec": "^1.1.1",
     "@actions/github": "^6.0.0",
     "gpg": "^0.6.0",
-    "undici": "5.28.2"
+    "undici": "5.28.3"
   },
   "devDependencies": {
     "@types/jest": "^29.5.12",
@@ -39,6 +39,6 @@
     "jest": "^29.7.0",
     "jest-junit": "^16.0.0",
     "ts-jest": "^29.1.2",
-    "typescript": "^5.3.3"
+    "typescript": "^5.4.3"
   }
 }

src/buildExec.ts

@@ -160,7 +160,7 @@ const buildReportExec = () => {
 
 const buildUploadExec = () => {
   const disableFileFixes = isTrue(core.getInput('disable_file_fixes'));
-  const disableSafeDirectory = isTrue(core.getInput('diable_safe_directory'));
+  const disableSafeDirectory = isTrue(core.getInput('disable_safe_directory'));
   const disableSearch = isTrue(core.getInput('disable_search'));
   const dryRun = isTrue(core.getInput('dry_run'));
   const envVars = core.getInput('env_vars');

src/version.ts

@@ -3,14 +3,12 @@ import {request} from 'undici';
 
 const versionInfo = async (
     platform: string,
-    version?: string,
+    version: string,
 ): Promise<void> => {
-  if (version) {
-    core.info(`==> Running version ${version}`);
-  }
+  core.info(`==> Running version ${version}`);
 
   try {
-    const metadataRes = await request(`https://cli.codecov.io/${platform}/latest`, {
+    const metadataRes = await request(`https://cli.codecov.io/${platform}/${version}`, {
       headers: {'Accept': 'application/json'},
     });
     const metadata = await metadataRes.body.json();