Skip to content

evaluate codecov/codecov-action v4 token  #3862

New issue
New issue
Closed as not planned
Closed as not planned
evaluate codecov/codecov-action v4 token #3862
Labels
Stalearea/tech-debtgithub_actionsPull requests that update Github_actions code
@spencerschrock

Description

@spencerschrock
spencerschrock
opened on Feb 7, 2024

As of v4, a token is required for upload.
Changelog link

Some of our uploading workflows are in a pull_request trigger, which won't have access to secrets, and switching to pull_request_target just for that isn't worth the risk.

See this discussion for context: #3857 (comment)

Perhaps tokenless uploading will come back in later versions? maybe we use a different way of visualizing codecov?

Metadata

Metadata

Assignees

No one assigned

    Labels

    Stalearea/tech-debtgithub_actionsPull requests that update Github_actions code

    Type

    No type

    Projects

    OpenSSF Scorecard

    Status

    Done

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions