chore(docs): update docs with use_oidc argument

README.md

@@ -64,6 +64,17 @@ steps:
 > [!NOTE]
 > This assumes that you've set your Codecov token inside *Settings > Secrets* as `CODECOV_TOKEN`. If not, you can [get an upload token](https://docs.codecov.io/docs/frequently-asked-questions#section-where-is-the-repository-upload-token-found-) for your specific repo on [codecov.io](https://www.codecov.io). Keep in mind that secrets are *not* available to forks of repositories.
 
+### Using OIDC
+For users with [OpenID Connect(OIDC) enabled](https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect), the Codecov token is not necessary. You can use OIDC with the `use_oidc` argument as following.
+
+```yaml
+- uses: codecov/codecov-action@v4
+  with:
+    use_oidc: true
+```
+
+Any token supplied will be ignored, as Codecov will default to the OIDC token for verification.
+
 ## Arguments
 
 Codecov's Action supports inputs from the user. These inputs, along with their descriptions and usage contexts, are listed in the table below:
@@ -99,6 +110,7 @@ Codecov's Action supports inputs from the user. These inputs, along with their d
 | `slug` | Specify the slug manually (Enterprise use) | Optional
 | `url` | Specify the base url to upload (Enterprise use) | Optional
 | `use_legacy_upload_endpoint` | Use the legacy upload endpoint | Optional
+| `use_oidc` | Use OpenID Connect for verification instead of token. This will ignore any token supplied. Please see [GitHub documentation](https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect) for details.
 | `verbose` | Specify whether the Codecov output should be verbose | Optional
 | `version` | Specify which version of the Codecov CLI should be used. Defaults to `latest` | Optional
 | `working-directory` | Directory in which to execute codecov.sh | Optional