2026-02-08 12:07:25 +00:00
18 changed files with 355 additions and 1638 deletions
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@ -37,11 +37,11 @@ jobs:
    steps:
    - name: Checkout repository
-      uses: actions/checkout@v5.0.0
+      uses: actions/checkout@v4.2.2
    # Initializes the CodeQL tools for scanning.
    - name: Initialize CodeQL
-      uses: github/codeql-action/init@v3.30.0
+      uses: github/codeql-action/init@v3.27.0
      with:
        languages: ${{ matrix.language }}
        # If you wish to specify custom queries, you can do so here or in a config file.
@ -52,7 +52,7 @@ jobs:
    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
    # If this step fails, then you should remove it and run the build manually (see below)
    - name: Autobuild
-      uses: github/codeql-action/autobuild@v3.30.0
+      uses: github/codeql-action/autobuild@v3.27.0
    # ℹ️ Command-line programs to run using the OS shell.
    # 📚 https://git.io/JvXDl
@ -66,4 +66,4 @@ jobs:
    #   make release
    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v3.30.0
+      uses: github/codeql-action/analyze@v3.27.0
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@ -12,20 +12,19 @@ jobs:
        os: [macos-latest, windows-latest, ubuntu-latest]
    steps:
      - name: Checkout
-        uses: actions/checkout@v5.0.0
+        uses: actions/checkout@v4.2.2
        with:
-          submodules: "true"
+          submodules: 'true'
      - name: Install dependencies
-        run: pip install -r app/requirements.txt
+        run: pip install -r src/scripts/app/requirements.txt
      - name: Run tests and collect coverage
-        run: pytest app/ --cov
+        run: pytest src/scripts/app/ --cov
      - name: Upload coverage to Codecov (script)
        uses: ./
        with:
          fail_ci_if_error: true
          files: ./coverage/script/coverage-final.json
-          flags: script-${{ matrix.os }}
+          flags: script,${{ matrix.os }}
          name: codecov-script
          verbose: true
          token: ${{ secrets.CODECOV_TOKEN }}
@ -34,7 +33,7 @@ jobs:
        with:
          fail_ci_if_error: true
          files: ./coverage/calculator/coverage-final.json,./coverage/coverage-test/coverage-final.json,./coverage/coverage-final.json
-          flags: demo-${{ matrix.os }}
+          flags: demo,${{ matrix.os }}
          name: codecov-demo
          verbose: true
          token: ${{ secrets.CODECOV_TOKEN }}
@ -43,30 +42,30 @@ jobs:
        with:
          fail_ci_if_error: true
          files: ./coverage/calculator/coverage-final.json,./coverage/coverage-test/coverage-final.json,./coverage/coverage-final.json
-          flags: version-${{ matrix.os }}
+          flags: version,${{ matrix.os }}
          name: codecov-version
-          version: v9.1.0
+          version: v0.8.0
          verbose: true
          token: ${{ secrets.CODECOV_TOKEN }}
  run-macos-latest-xlarge:
-    if: github.event.pull_request.head.repo.full_name == 'codecov/codecov-action'
+    if: github.head.repo.full_name == 'codecov/codecov-action'
    runs-on: macos-latest-xlarge
    steps:
      - name: Checkout
-        uses: actions/checkout@v5.0.0
+        uses: actions/checkout@v4.2.2
        with:
-          submodules: "true"
+          submodules: 'true'
      - name: Install dependencies
-        run: pip install -r app/requirements.txt
+        run: pip install -r src/scripts/app/requirements.txt
      - name: Run tests and collect coverage
-        run: pytest app/ --cov
+        run: pytest src/scripts/app/ --cov
      - name: Upload coverage to Codecov (script)
        uses: ./
        with:
          fail_ci_if_error: true
          files: ./coverage/script/coverage-final.json
-          flags: script-macos-latest-xlarge
+          flags: script,macos-latest-xlarge
          name: codecov-script
          verbose: true
          token: ${{ secrets.CODECOV_TOKEN }}
@ -75,26 +74,18 @@ jobs:
        with:
          fail_ci_if_error: true
          files: ./coverage/calculator/coverage-final.json,./coverage/coverage-test/coverage-final.json,./coverage/coverage-final.json
-          flags: demo-macos-latest-xlarge
+          flags: demo,macos-latest-xlarge
          name: codecov-demo
          verbose: true
          token: ${{ secrets.CODECOV_TOKEN }}
      - name: Upload coverage to Codecov (oidc)
        uses: ./
        with:
          files: ./coverage/script/coverage-final.json
          flags: script-${{ matrix.os }}
          name: codecov-script
          use_oidc: true
          verbose: true
      - name: Upload coverage to Codecov (version)
        uses: ./
        with:
          fail_ci_if_error: true
          files: ./coverage/calculator/coverage-final.json,./coverage/coverage-test/coverage-final.json,./coverage/coverage-final.json
-          flags: version-maxos-latest-xlarge
+          flags: version,maxos-latest-xlarge
          name: codecov-version
-          version: v9.1.0
+          version: v0.8.0
          verbose: true
          token: ${{ secrets.CODECOV_TOKEN }}
@ -103,18 +94,17 @@ jobs:
    container: python:latest
    steps:
      - name: Checkout
-        uses: actions/checkout@v5.0.0
+        uses: actions/checkout@v4.2.2
        with:
-          submodules: "true"
+          submodules: 'true'
      - name: Install deps
        run: |
-          apt-get update && apt-get install -y git
+          apt-get install git
      - name: Upload coverage to Codecov (script)
        uses: ./
        with:
          files: ./coverage/script/coverage-final.json
-          flags: script-container
+          flags: script,${{ matrix.os }}
          name: codecov-script
          verbose: true
          token: ${{ secrets.CODECOV_TOKEN }}
@ -122,7 +112,7 @@ jobs:
        uses: ./
        with:
          files: ./coverage/calculator/coverage-final.json,./coverage/coverage-test/coverage-final.json,./coverage/coverage-final.json
-          flags: demo-container
+          flags: demo,${{ matrix.os }}
          name: codecov-demo
          verbose: true
          token: ${{ secrets.CODECOV_TOKEN }}
@ -130,107 +120,8 @@ jobs:
        uses: ./
        with:
          files: ./coverage/calculator/coverage-final.json,./coverage/coverage-test/coverage-final.json,./coverage/coverage-final.json
-          flags: version-container
+          flags: version,${{ matrix.os }}
          name: codecov-version
-          version: v9.1.0
+          version: v0.8.0
          verbose: true
          token: ${{ secrets.CODECOV_TOKEN }}
  run-alpine-missing-deps:
    runs-on: ubuntu-latest
    container: alpine:latest
    steps:
      - name: Install only some deps (missing gpg and bash)
        run: |
          apk add git
      - name: Checkout
        uses: actions/checkout@v5.0.0
        with:
          submodules: "true"
      - name: Upload coverage to Codecov (should fail due to missing dependencies)
        id: codecov-upload
        continue-on-error: true
        uses: ./
        with:
          files: ./coverage/script/coverage-final.json
          flags: script-alpine-missing-deps
          name: codecov-script
          verbose: true
          token: ${{ secrets.CODECOV_TOKEN }}
      - name: Verify dependency check failed
        run: |
          if [ "${{ steps.codecov-upload.outcome }}" = "failure" ]; then
            echo "✓ Action correctly failed due to missing dependencies"
            exit 0
          else
            echo "✗ Action should have failed but didn't"
            exit 1
          fi
  run-alpine-success:
    runs-on: ubuntu-latest
    container: alpine:latest
    steps:
      - name: Install all required deps
        run: |
          apk add git curl gnupg bash
      - name: Checkout
        uses: actions/checkout@v5.0.0
        with:
          submodules: "true"
      - name: Upload coverage to Codecov (should succeed)
        uses: ./
        with:
          files: ./coverage/script/coverage-final.json
          flags: script-alpine-success
          name: codecov-script
          verbose: true
          token: ${{ secrets.CODECOV_TOKEN }}
      - name: Upload coverage to Codecov (demo)
        uses: ./
        with:
          files: ./coverage/calculator/coverage-final.json,./coverage/coverage-test/coverage-final.json,./coverage/coverage-final.json
          flags: demo-alpine-success
          name: codecov-demo
          verbose: true
          token: ${{ secrets.CODECOV_TOKEN }}
      - name: Upload coverage to Codecov (version)
        uses: ./
        with:
          files: ./coverage/calculator/coverage-final.json,./coverage/coverage-test/coverage-final.json,./coverage/coverage-final.json
          flags: version-alpine-success
          name: codecov-version
          version: v9.1.0
          verbose: true
          token: ${{ secrets.CODECOV_TOKEN }}
  run-alpine-partial-deps:
    runs-on: ubuntu-latest
    container: alpine:latest
    steps:
      - name: Install only some deps (missing gpg and bash)
        run: |
          apk add git curl
      - name: Checkout
        uses: actions/checkout@v5.0.0
        with:
          submodules: "true"
      - name: Upload coverage to Codecov (should fail due to missing gpg and bash)
        id: codecov-upload
        continue-on-error: true
        uses: ./
        with:
          files: ./coverage/script/coverage-final.json
          flags: script-alpine-partial-deps
          name: codecov-script
          verbose: true
          token: ${{ secrets.CODECOV_TOKEN }}
      - name: Verify dependency check failed
        run: |
          if [ "${{ steps.codecov-upload.outcome }}" = "failure" ]; then
            echo "✓ Action correctly failed due to missing dependencies (gpg and bash)"
            exit 0
          else
            echo "✗ Action should have failed but didn't"
            exit 1
          fi
--- a/.github/workflows/scorecards-analysis.yml
+++ b/.github/workflows/scorecards-analysis.yml
@ -25,12 +25,12 @@ jobs:
    steps:
      - name: "Checkout code"
-        uses: actions/checkout@v5.0.0 # v3.0.0
+        uses: actions/checkout@v4.2.2 # v3.0.0
        with:
          persist-credentials: false
      - name: "Run analysis"
-        uses: ossf/scorecard-action@05b42c624433fc40578a4040d5cf5e36ddca8cde # v2.4.2
+        uses: ossf/scorecard-action@62b2cac7ed8198b15735ed49ab1e5cf35480ba46 # v2.4.0
        with:
          results_file: results.sarif
          results_format: sarif
@ -49,7 +49,7 @@ jobs:
      # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
      # format to the repository Actions tab.
      - name: "Upload artifact"
-        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
+        uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
        with:
          name: SARIF file
          path: results.sarif
@ -57,6 +57,6 @@ jobs:
      # Upload the results to GitHub's code scanning dashboard.
      - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@v3.30.0 # v1.0.26
+        uses: github/codeql-action/upload-sarif@v3.27.0 # v1.0.26
        with:
          sarif_file: results.sarif
--- a/.gitignore
+++ b/.gitignore
@ -93,6 +93,3 @@ public/
 # macOS Finder metadata
 .DS_Store
 # pycache dirs
 __pycache__/
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
--- a/2
+++ b/2
@ -1,5 +1,5 @@
 deploy:
-	$(eval VERSION := $(shell cat src/version))
+  $(eval VERSION := $(shell cat src/version | grep 'CODECOV_ACTION_VERSION=' | cut -d\" -f2))
 	git tag -d v5
 	git push origin :v5
 	git tag v5
--- a/README.md
+++ b/README.md
@ -1,24 +1,21 @@
 # Codecov GitHub Action
-[![GitHub Marketplace](https://img.shields.io/badge/Marketplace-v5-undefined.svg?logo=github&logoColor=white&style=flat)](https://github.com/marketplace/actions/codecov)
+[![GitHub Marketplace](https://img.shields.io/badge/Marketplace-v4-undefined.svg?logo=github&logoColor=white&style=flat)](https://github.com/marketplace/actions/codecov)
 [![FOSSA Status](https://app.fossa.com/api/projects/git%2Bgithub.com%2Fcodecov%2Fcodecov-action.svg?type=shield)](https://app.fossa.com/projects/git%2Bgithub.com%2Fcodecov%2Fcodecov-action?ref=badge_shield)
 [![Workflow for Codecov Action](https://github.com/codecov/codecov-action/actions/workflows/main.yml/badge.svg)](https://github.com/codecov/codecov-action/actions/workflows/main.yml)
 ### Easily upload coverage reports to Codecov from GitHub Actions
 ## v5 Release
 `v5` of the Codecov GitHub Action will use the [Codecov Wrapper](https://github.com/codecov/wrapper) to encapsulate the [CLI](https://github.com/codecov/codecov-cli). This will help ensure that the Action gets updates quicker.
 ### Migration Guide
 The `v5` release also coincides with the opt-out feature for tokens for public repositories. In the repository settings page in codecov.io, you can set the ability for Codecov to receive a coverage report from ANY souce. This will allow contributors or other members of a repository to upload without needing access to the Codecov token.
-The `v5` release also coincides with the opt-out feature for tokens for public repositories. In the `Global Upload Token` section of the settings page of an organization in codecov.io, you can set the ability for Codecov to receive a coverage reports from any source. This will allow contributors or other members of a repository to upload without needing access to the Codecov token. For more details see [how to upload without a token](https://docs.codecov.com/docs/codecov-tokens#uploading-without-a-token).
+> [!WARNING]  
 > [!WARNING]
 > **The following arguments have been changed**
 > - `file` (this has been deprecated in favor of `files`)
 > - `plugin` (this has been deprecated in favor of `plugins`)
-
+  
 The following arguments have been added:
 - `binary`
@ -33,32 +30,24 @@ The following arguments have been added:
 You can see their usage in the `action.yml` [file](https://github.com/codecov/codecov-action/blob/main/action.yml).
 ## v4 Release
 `v4` of the Codecov GitHub Action will use the [Codecov CLI](https://github.com/codecov/codecov-cli) to upload coverage reports to Codecov.
 ### Breaking Changes
 - Tokenless uploading is unsupported. However, PRs made from forks to the upstream public repos will support tokenless (e.g. contributors to OSS projects do not need the upstream repo's Codecov token). For details, [see our docs](https://docs.codecov.com/docs/codecov-uploader#supporting-token-less-uploads-for-forks-of-open-source-repos-using-codecov)
 - Various arguments to the Action have been removed
 ### Dependabot
 - For repositories using `Dependabot`, users will need to ensure that it has access to the Codecov token for PRs from Dependabot to upload coverage. To do this, please add your `CODECOV_TOKEN` as a Dependabot Secret. For more information, see ["Configuring access to private registries for Dependabot."](https://docs.github.com/en/code-security/dependabot/working-with-dependabot/configuring-access-to-private-registries-for-dependabot#storing-credentials-for-dependabot-to-use)
 `v3` versions and below will not have access to CLI features (e.g. global upload token, ATS).
 ## Usage
-> [!CAUTION]
+To integrate Codecov with your Actions pipeline, specify the name of this repository with a tag number (`@v4` is recommended) as a `step` within your `workflow.yml` file.
 > In order for the Action to work seamlessly, you will need to have `bash`, `curl`, `git`, and `gpg` installed on your runner. You will also need to run [actions/checkout](https://github.com/actions/checkout) before calling the Codecov action. If these are not present, the Action will fail. Github Actions runners will have these installed by default. If you are using a custom runner or running in a container, you will need to ensure that these are installed.
 To integrate Codecov with your Actions pipeline, specify the name of this repository with a tag number (`@v5` is recommended) as a `step` within your `workflow.yml` file.
 This Action also requires you to [provide an upload token](https://docs.codecov.io/docs/frequently-asked-questions#section-where-is-the-repository-upload-token-found-) from [codecov.io](https://www.codecov.io) (tip: in order to avoid exposing your token, [store it](https://docs.codecov.com/docs/adding-the-codecov-token#github-actions) as a `secret`).
 Currently, the Action will identify linux, macos, and windows runners. However, the Action may misidentify other architectures. The OS can be specified as
 - alpine
 - alpine-arm64
 - linux
@ -70,111 +59,84 @@ Inside your `.github/workflows/workflow.yml` file:
 ```yaml
 steps:
-  - uses: actions/checkout@main
+- uses: actions/checkout@main
-  - uses: codecov/codecov-action@v5
+- uses: codecov/codecov-action@v4
-    with:
+  with:
-      fail_ci_if_error: true # optional (default = false)
+    fail_ci_if_error: true # optional (default = false)
-      files: ./coverage1.xml,./coverage2.xml # optional
+    files: ./coverage1.xml,./coverage2.xml # optional
-      flags: unittests # optional
+    flags: unittests # optional
-      name: codecov-umbrella # optional
+    name: codecov-umbrella # optional
-      token: ${{ secrets.CODECOV_TOKEN }}
+    token: ${{ secrets.CODECOV_TOKEN }} # required
-      verbose: true # optional (default = false)
+    verbose: true # optional (default = false)
 ```
 The Codecov token can also be passed in via environment variables:
 ```yaml
 steps:
-  - uses: actions/checkout@main
+- uses: actions/checkout@main
-  - uses: codecov/codecov-action@v5
+- uses: codecov/codecov-action@v4
-    with:
+  with:
-      fail_ci_if_error: true # optional (default = false)
+    fail_ci_if_error: true # optional (default = false)
-      files: ./coverage1.xml,./coverage2.xml # optional
+    files: ./coverage1.xml,./coverage2.xml # optional
-      flags: unittests # optional
+    flags: unittests # optional
-      name: codecov-umbrella # optional
+    name: codecov-umbrella # optional
-      verbose: true # optional (default = false)
+    verbose: true # optional (default = false)
-    env:
+  env:
-      CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
+    CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
 ```
-
+> [!NOTE]
-> [!IMPORTANT]
+> This assumes that you've set your Codecov token inside *Settings > Secrets* as `CODECOV_TOKEN`. If not, you can [get an upload token](https://docs.codecov.io/docs/frequently-asked-questions#section-where-is-the-repository-upload-token-found-) for your specific repo on [codecov.io](https://www.codecov.io). Keep in mind that secrets are *not* available to forks of repositories.
 > This assumes that you've set your Codecov token inside _Settings > Secrets_ as `CODECOV_TOKEN`. If not, you can [get an upload token](https://docs.codecov.io/docs/frequently-asked-questions#section-where-is-the-repository-upload-token-found-) for your specific repo on [codecov.io](https://www.codecov.io). Keep in mind that secrets are _not_ available to forks of repositories.
 ### Using OIDC
-
+For users with [OpenID Connect(OIDC) enabled](https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect), the Codecov token is not necessary. You can use OIDC with the `use_oidc` argument as following.
 As an alternative to Codecov upload tokens, you can choose to use OIDC as your upload authentication method by setting the `use_oidc` argument:
 ```yaml
- uses: codecov/codecov-action@v5
+- uses: codecov/codecov-action@v4
  with:
    use_oidc: true
 ```
 Any token supplied will be ignored, as Codecov will default to the OIDC token for verification.
 Note that the codecov action must have write permission for `id-token` for this to work:
 ```yaml
 permissions:
  id-token: write
 ```
 This can be set at either the workflow or job level. See GitHub's [docs](https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect) for more details.
 ## Arguments
 Codecov's Action supports inputs from the user. These inputs, along with their descriptions and usage contexts, are listed in the table below:
 | Input  | Description | Required |
 | :---       |     :---     |    :---:   |
-| `base_sha` | 'The base SHA to select. This is only used in the "pr-base-picking" run command' | Optional
+| `token` | Repository Codecov token. Used to authorize report uploads | *Required
-| `binary` | The file location of a pre-downloaded version of the CLI. If specified, integrity checking will be bypassed. | Optional
+| `codecov_yml_path` | Specify the path to the Codecov YML | Optional
-| `codecov_yml_path` | The location of the codecov.yml file. This is currently ONLY used for automated test selection (https://docs.codecov.com/docs/getting-started-with-ats). Note that for all other cases, the Codecov yaml will need to be located as described here: https://docs.codecov.com/docs/codecov-yaml#can-i-name-the-file-codecovyml | Optional
+| `commit_parent` | Override to specify the parent commit SHA | Optional
-| `commit_parent` | SHA (with 40 chars) of what should be the parent of this commit. | Optional
+| `directory` | Directory to search for coverage reports. | Optional
-| `directory` | Folder to search for coverage files. Default to the current working directory | Optional
+| `disable_search` | Disable search for coverage files. This is helpful when specifying what files you want to upload with the --file option. | Optional
-| `disable_file_fixes` | Disable file fixes to ignore common lines from coverage (e.g. blank lines or empty brackets). Read more here https://docs.codecov.com/docs/fixing-reports | Optional
+| `disable_file_fixes` | Disable file fixes to ignore common lines from coverage (e.g. blank lines or empty brackets) | Optional
 | `disable_search` | Disable search for coverage files. This is helpful when specifying what files you want to upload with the files option. | Optional
 | `disable_safe_directory` | Disable setting safe directory. Set to true to disable. | Optional
 | `disable_telem` | Disable sending telemetry data to Codecov. Set to true to disable. | Optional
 | `dry_run` | Don't upload files to Codecov | Optional
 | `env_vars` | Environment variables to tag the upload with (e.g. PYTHON \| OS,PYTHON) | Optional
-| `exclude` | Comma-separated list of folders to exclude from search. | Optional
+| `exclude` | Folders to exclude from search | Optional
-| `fail_ci_if_error` | On error, exit with non-zero code | Optional
+| `fail_ci_if_error` | Specify whether or not CI build should fail if Codecov runs into an error during upload | Optional
-| `files` | Comma-separated explicit list of files to upload. These will be added to the coverage files found for upload. If you wish to only upload the specified files, please consider using "disable_search" to disable uploading other files. | Optional
+| `file` | Path to coverage file to upload | Optional
-| `flags` | Comma-separated list of flags to upload to group coverage metrics. | Optional
+| `files` | Comma-separated list of files to upload | Optional
-| `force` | Only used for empty-upload run command | Optional
+| `flags` | Flag upload to group coverage metrics (e.g. unittests \| integration \| ui,chrome) | Optional
-| `git_service` | Override the git_service (e.g. github_enterprise) | Optional
+| `handle_no_reports_found` | Raise no exceptions when no coverage reports found | Optional
-| `gcov_args` | Extra arguments to pass to gcov | Optional
+| `job_code` | The job code | Optional
-| `gcov_executable` | gcov executable to run. Defaults to 'gcov' | Optional
+| `name` | User defined upload name. Visible in Codecov UI | Optional
-| `gcov_ignore` | Paths to ignore during gcov gathering | Optional
+| `os` | Override the assumed OS. Options are linux \| macos \| windows \| . | Optional
-| `gcov_include` | Paths to include during gcov gathering | Optional
+| `override_branch` | Specify the branch name | Optional
-| `handle_no_reports_found` | If no coverage reports are found, do not raise an exception. | Optional
+| `override_build` | Specify the build number | Optional
 | `job_code` |  | Optional
 | `name` | Custom defined name of the upload. Visible in the Codecov UI | Optional
 | `network_filter` | Specify a filter on the files listed in the network section of the Codecov report. This will only add files whose path begin with the specified filter. Useful for upload-specific path fixing. | Optional
 | `network_prefix` | Specify a prefix on files listed in the network section of the Codecov report. Useful to help resolve path fixing. | Optional
 | `os` | Override the assumed OS. Options available at cli.codecov.io | Optional
 | `override_branch` | Specify the branch to be displayed with this commit on Codecov | Optional
 | `override_build` | Specify the build number manually | Optional
 | `override_build_url` | The URL of the build where this is running | Optional
-| `override_commit` | Commit SHA (with 40 chars) | Optional
+| `override_commit` | Specify the commit SHA | Optional
-| `override_pr` | Specify the pull request number manually. Used to override pre-existing CI environment variables. | Optional
+| `override_pr` | Specify the pull request number | Optional
-| `plugins` | Comma-separated list of plugins to run. Specify `noop` to turn off all plugins | Optional
+| `plugin` | plugins to run. Options: xcode, gcov, pycoverage. The default behavior runs them all. | Optional
-| `recurse_submodules` | Whether to enumerate files inside of submodules for path-fixing purposes. Off by default. | Optional
+| `plugins` | Comma-separated list of plugins for use during upload. | Optional
-| `report_code` | The code of the report if using local upload. If unsure, leave unset. Read more here https://docs.codecov.com/docs/the-codecov-cli#how-to-use-local-upload | Optional
+| `report_code` | The code of the report. If unsure, do not include | Optional
-| `report_type` | The type of file to upload, coverage by default. Possible values are "test_results", "coverage". | Optional
+| `root_dir` | Used to specify the location of your   .git   root to identify project root directory | Optional
-| `root_dir` | Root folder from which to consider paths on the network section. Defaults to current working directory. | Optional
+| `slug` | Specify the slug manually (Enterprise use) | Optional
-| `run_command` | Choose which CLI command to run. Options are "upload-coverage", "empty-upload", "pr-base-picking", "send-notifications". "upload-coverage" is run by default.' | Optional
+| `url` | Specify the base url to upload (Enterprise use) | Optional
-| `skip_validation` | Skip integrity checking of the CLI. This is NOT recommended. | Optional
+| `use_legacy_upload_endpoint` | Use the legacy upload endpoint | Optional
-| `slug` | [Required when using the org token] Set to the owner/repo slug used instead of the private repo token. Only applicable to some Enterprise users. | Optional
+| `use_oidc` | Use OpenID Connect for verification instead of token. This will ignore any token supplied. Please see [GitHub documentation](https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect) for details.
-| `swift_project` | Specify the swift project name. Useful for optimization. | Optional
+| `verbose` | Specify whether the Codecov output should be verbose | Optional
-| `token` | Repository Codecov token. Used to authorize report uploads | Optional
+| `version` | Specify which version of the Codecov CLI should be used. Defaults to `latest` | Optional
 | `url` | Set to the Codecov instance URl. Used by Dedicated Enterprise Cloud customers. | Optional
 | `use_legacy_upload_endpoint` | Use the legacy upload endpoint. | Optional
 | `use_oidc` | Use OIDC instead of token. This will ignore any token supplied | Optional
 | `use_pypi` | Use the pypi version of the CLI instead of from cli.codecov.io. If specified, integrity checking will be bypassed. | Optional
 | `verbose` | Enable verbose logging | Optional
 | `version` | Which version of the Codecov CLI to use (defaults to 'latest', must start with a leading 'v'; example: `v10.0.1`) | Optional
 | `working-directory` | Directory in which to execute codecov.sh | Optional
 ### Example `workflow.yml` with Codecov Action
@ -190,31 +152,30 @@ jobs:
        os: [ubuntu-latest, macos-latest, windows-latest]
    env:
      OS: ${{ matrix.os }}
-      PYTHON: "3.10"
+      PYTHON: '3.10'
    steps:
-      - uses: actions/checkout@main
+    - uses: actions/checkout@main
-      - name: Setup Python
+    - name: Setup Python
-        uses: actions/setup-python@main
+      uses: actions/setup-python@main
-        with:
+      with:
-          python-version: "3.10"
+        python-version: 3.10
-      - name: Generate coverage report
+    - name: Generate coverage report
-        run: |
+      run: |
-          pip install pytest
+        pip install pytest
-          pip install pytest-cov
+        pip install pytest-cov
-          pytest --cov=./ --cov-report=xml
+        pytest --cov=./ --cov-report=xml
-      - name: Upload coverage to Codecov
+    - name: Upload coverage to Codecov
-        uses: codecov/codecov-action@v5
+      uses: codecov/codecov-action@v4
-        with:
+      with:
-          directory: ./coverage/reports/
+        directory: ./coverage/reports/
-          env_vars: OS,PYTHON
+        env_vars: OS,PYTHON
-          fail_ci_if_error: true
+        fail_ci_if_error: true
-          files: ./coverage1.xml,./coverage2.xml,!./cache
+        files: ./coverage1.xml,./coverage2.xml,!./cache
-          flags: unittests
+        flags: unittests
-          name: codecov-umbrella
+        name: codecov-umbrella
-          token: ${{ secrets.CODECOV_TOKEN }}
+        token: ${{ secrets.CODECOV_TOKEN }}
-          verbose: true
+        verbose: true
 ```
 ## Contributing
 Contributions are welcome! Check out the [Contribution Guide](CONTRIBUTING.md).
--- a/1
+++ b/1
@ -0,0 +1 @@
 5.0.0-beta
--- a/action.yml
+++ b/action.yml
@ -4,9 +4,6 @@ name: 'Codecov'
 description: 'GitHub Action that uploads coverage reports for your repository to codecov.io'
 author: 'Thomas Hu <@thomasrockhu-codecov> | Codecov'
 inputs:
  base_sha:
    description: 'The base SHA to select. This is only used in the "pr-base-picking" run command'
    required: false
  binary:
    description: 'The file location of a pre-downloaded version of the CLI. If specified, integrity checking will be bypassed.'
    required: false
@ -31,10 +28,6 @@ inputs:
    description: 'Disable setting safe directory. Set to true to disable.'
    required: false
    default: 'false'
  disable_telem:
    description: 'Disable sending telemetry data to Codecov. Set to true to disable.'
    required: false
    default: 'false'
  dry_run:
    description: "Don't upload files to Codecov"
    required: false
@ -50,14 +43,11 @@ inputs:
    required: false
    default: 'false'
  files:
-    description: 'Comma-separated list of explicit files to upload. These will be added to the coverage files found for upload. If you wish to only upload the specified files, please consider using disable_search to disable uploading other files.'
+    description: 'Comma-separated list of explicit files to upload. These will be added to the coverage files found for upload. If you wish to only upload the specified files, please consider using disable-search to disable uploading other files.'
    required: false
  flags:
    description: 'Comma-separated list of flags to upload to group coverage metrics.'
    required: false
  force:
    description: 'Only used for empty-upload run command'
    required: false
  git_service:
    description: 'Override the git_service (e.g. github_enterprise)'
    required: false
@ -112,22 +102,15 @@ inputs:
  plugins:
    description: 'Comma-separated list of plugins to run. Specify `noop` to turn off all plugins'
    required: false
  recurse_submodules:
    description: 'Whether to enumerate files inside of submodules for path-fixing purposes. Off by default.'
    default: 'false'
  report_code:
    description: 'The code of the report if using local upload. If unsure, leave default. Read more here https://docs.codecov.com/docs/the-codecov-cli#how-to-use-local-upload'
    required: false
  report_type:
-    description: 'The type of file to upload, coverage by default. Possible values are "test_results", "coverage".'
+    description: 'The type of file to upload, coverage by default. Possible values are "testing", "coverage".'
    required: false
  root_dir:
    description: 'Root folder from which to consider paths on the network section. Defaults to current working directory.'
    required: false
  run_command:
    description: 'Choose which CLI command to run. Options are "upload-coverage", "empty-upload", "pr-base-picking", "send-notifications". "upload-coverage" is run by default.'
    required: false
    default: 'upload-coverage'
  skip_validation:
    description: 'Skip integrity checking of the CLI. This is NOT recommended.'
    required: false
@ -152,10 +135,6 @@ inputs:
    description: 'Use OIDC instead of token. This will ignore any token supplied'
    required: false
    default: 'false'
  use_pypi:
    description: 'Use the pypi version of the CLI instead of from cli.codecov.io'
    required: false
    default: 'false'
  verbose:
    description: 'Enable verbose logging'
    required: false
@ -175,148 +154,40 @@ branding:
 runs:
  using: "composite"
  steps:
    - name: Check system dependencies
      shell: sh
      run: |
        missing_deps=""
        # Check for always-required commands
        for cmd in bash git curl; do
          if ! command -v "$cmd" >/dev/null 2>&1; then
            missing_deps="$missing_deps $cmd"
          fi
        done
        # Check for gpg only if validation is not being skipped
        if [ "${{ inputs.skip_validation }}" != "true" ]; then
          if ! command -v gpg >/dev/null 2>&1; then
            missing_deps="$missing_deps gpg"
          fi
        fi
        # Report missing required dependencies
        if [ -n "$missing_deps" ]; then
          echo "Error: The following required dependencies are missing:$missing_deps"
          echo "Please install these dependencies before using this action."
          exit 1
        fi
        echo "All required system dependencies are available."
    - name: Action version
      shell: bash
      run: |
        CC_ACTION_VERSION=$(cat ${GITHUB_ACTION_PATH}/src/version)
        echo -e "\033[0;32m==>\033[0m Running Action version $CC_ACTION_VERSION"
    - name: Set safe directory
-      if: ${{ inputs.disable_safe_directory != 'true' }}
+      if: ${{ inputs.set_safe_directory != 'true' }}
      shell: bash
      run: |
-        git config --global --add safe.directory "${{ github.workspace }}"
+        git config --global --add safe.directory ${{ github.workspace }}
        git config --global --add safe.directory "$GITHUB_WORKSPACE"
    - name: Set fork
      shell: bash
      run: |
        CC_FORK="false"
        if [ -n "$GITHUB_EVENT_PULL_REQUEST_HEAD_REPO_FULL_NAME" ] && [ "$GITHUB_EVENT_PULL_REQUEST_HEAD_REPO_FULL_NAME" != "$GITHUB_REPOSITORY" ];
        then
          echo -e "\033[0;32m==>\033[0m Fork detected"
          CC_FORK="true"
        fi
        echo "CC_FORK=$CC_FORK" >> "$GITHUB_ENV"
      env:
        GITHUB_EVENT_PULL_REQUEST_HEAD_LABEL: ${{ github.event.pull_request.head.label }}
        GITHUB_EVENT_PULL_REQUEST_HEAD_REPO_FULL_NAME: ${{ github.event.pull_request.head.repo.full_name }}
        GITHUB_REPOSITORY: ${{ github.repository }}
    - name: Get OIDC token
      uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
      id: oidc
      with:
        script: |
          if (process.env.CC_USE_OIDC === 'true' && process.env.CC_FORK != 'true') {
            const id_token = await core.getIDToken(process.env.CC_OIDC_AUDIENCE)
            return id_token
          }
      env:
        CC_OIDC_AUDIENCE: ${{ inputs.url || 'https://codecov.io' }}
        CC_USE_OIDC: ${{ inputs.use_oidc }}
    - name: Get and set token
      shell: bash
      run: |
-        if [ "${{ inputs.use_oidc }}" == 'true' ] && [ "$CC_FORK" != 'true' ];
+        if [ ${{ inputs.use_oidc }} == 'true' ];
        then
-          echo "CC_TOKEN=$CC_OIDC_TOKEN" >> "$GITHUB_ENV"
+          # {"count":1984,"value":"***"}
-        elif [ -n "${{ env.CODECOV_TOKEN }}" ];
+          CODECOV_TOKEN=$(curl -H "Authorization: bearer $ACTIONS_ID_TOKEN_REQUEST_TOKEN" "$ACTIONS_ID_TOKEN_REQUEST_URL&audience=api://AzureADTokenExchange" | cut -d\' -f6)
-        then
+          echo "CODECOV_TOKEN=$CODECOV_TOKEN" >> $GITHUB_ENV
          echo -e "\033[0;32m==>\033[0m Token set from env"
            echo "CC_TOKEN=${{ env.CODECOV_TOKEN }}" >> "$GITHUB_ENV"
        else
-          if [ -n "${{ inputs.token }}" ];
+          if [ -n ${{ inputs.token }} ];
          then
-            echo -e "\033[0;32m==>\033[0m Token set from input"
+            CODECOV_TOKEN=${{ inputs.token }}
-            CC_TOKEN=$(echo "${{ inputs.token }}" | tr -d '\n')
+            echo "CODECOV_TOKEN=$CODECOV_TOKEN" >> $GITHUB_ENV
            echo "CC_TOKEN=$CC_TOKEN" >> "$GITHUB_ENV"
          fi
        fi
      env:
        CC_OIDC_TOKEN: ${{ steps.oidc.outputs.result }}
        CC_OIDC_AUDIENCE: ${{ inputs.url || 'https://codecov.io' }}
    - name: Override branch for forks
      shell: bash
      run: |
        if [ -z "$CC_BRANCH" ] && [ -z "$CC_TOKEN" ] && [ "$CC_FORK" == 'true' ]
        then
          echo -e "\033[0;32m==>\033[0m Fork detected, setting branch to $GITHUB_EVENT_PULL_REQUEST_HEAD_LABEL"
          TOKENLESS="$GITHUB_EVENT_PULL_REQUEST_HEAD_LABEL"
          CC_BRANCH="$GITHUB_EVENT_PULL_REQUEST_HEAD_LABEL"
          echo "TOKENLESS=$TOKENLESS" >> "$GITHUB_ENV"
        fi
        echo "CC_BRANCH=$CC_BRANCH" >> "$GITHUB_ENV"
      env:
        CC_BRANCH: ${{ inputs.override_branch }}
        GITHUB_EVENT_PULL_REQUEST_HEAD_LABEL: ${{ github.event.pull_request.head.label }}
        GITHUB_EVENT_PULL_REQUEST_HEAD_REPO_FULL_NAME: ${{ github.event.pull_request.head.repo.full_name }}
        GITHUB_REPOSITORY: ${{ github.repository }}
    - name: Override commits and pr for pull requests
      shell: bash
      run: |
        if [ -z "$CC_SHA" ];
        then
          CC_SHA="$GITHUB_EVENT_PULL_REQUEST_HEAD_SHA"
        fi
        if [ -z "$CC_PR" ] && [ "$CC_FORK" == 'true' ];
        then
          CC_PR="$GITHUB_EVENT_NUMBER"
        fi
        echo "CC_SHA=$CC_SHA" >> "$GITHUB_ENV"
        echo "CC_PR=$CC_PR" >> "$GITHUB_ENV"
      env:
        CC_PR: ${{ inputs.override_pr }}
        CC_SHA: ${{ inputs.override_commit }}
        GITHUB_EVENT_NAME: ${{ github.event_name }}
        GITHUB_EVENT_NUMBER: ${{ github.event.number }}
        GITHUB_EVENT_PULL_REQUEST_HEAD_SHA: ${{ github.event.pull_request.head.sha }}
    - name: Upload coverage to Codecov
      run: ${GITHUB_ACTION_PATH}/dist/codecov.sh
      shell: bash
      working-directory: ${{ inputs.working-directory }}
      env:
        CC_BASE_SHA: ${{ inputs.base_sha }}
        CC_BINARY: ${{ inputs.binary }}
        CC_BRANCH: ${{ inputs.override_branch }}
        CC_BUILD: ${{ inputs.override_build }}
        CC_BUILD_URL: ${{ inputs.override_build_url }}
        CC_CODE: ${{ inputs.report_code }}
        CC_DIR: ${{ inputs.directory }}
        CC_DISABLE_FILE_FIXES: ${{ inputs.disable_file_fixes }}
        CC_DISABLE_SEARCH: ${{ inputs.disable_search }}
        CC_DISABLE_TELEM: ${{ inputs.disable_telem }}
        CC_DRY_RUN: ${{ inputs.dry_run }}
        CC_ENTERPRISE_URL: ${{ inputs.url }}
        CC_ENV: ${{ inputs.env_vars }}
@ -324,7 +195,6 @@ runs:
        CC_FAIL_ON_ERROR: ${{ inputs.fail_ci_if_error }}
        CC_FILES: ${{ inputs.files }}
        CC_FLAGS: ${{ inputs.flags }}
        CC_FORCE: ${{ inputs.force }}
        CC_GCOV_ARGS: ${{ inputs.gcov_args }}
        CC_GCOV_EXECUTABLE: ${{ inputs.gcov_executable }}
        CC_GCOV_IGNORE: ${{ inputs.gcov_ignore }}
@ -340,14 +210,13 @@ runs:
        CC_OS: ${{ inputs.os }}
        CC_PARENT_SHA: ${{ inputs.commit_parent }}
        CC_PLUGINS: ${{ inputs.plugins }}
-        CC_RECURSE_SUBMODULES: ${{ inputs.recurse_submodules }}
+        CC_PR: ${{ inputs.override_pr }}
        CC_REPORT_TYPE: ${{ inputs.report_type }}
-        CC_RUN_CMD: ${{ inputs.run_command }}
+        CC_SHA: ${{ inputs.override_commit }}
        CC_SERVICE: ${{ inputs.git_service }}
        CC_SKIP_VALIDATION: ${{ inputs.skip_validation }}
        CC_SLUG: ${{ inputs.slug }}
        CC_SWIFT_PROJECT: ${{ inputs.swift_project }}
-        CC_USE_PYPI: ${{ inputs.use_pypi }}
+        CC_TOKEN: $CODECOV_TOKEN
        CC_VERBOSE: ${{ inputs.verbose }}
        CC_VERSION: ${{ inputs.version }}
        CC_YML_PATH: ${{ inputs.codecov_yml_path }}
--- a/app/init.py
+++ b/app/init.py
--- a/app/calculator.py
+++ b/app/calculator.py
@ -1,15 +0,0 @@
 class Calculator:
    def add(x, y):
        return x + y
    def subtract(x, y):
        return x - y
    def multiply(x, y):
        return x * y
    def divide(x, y):
        if y == 0:
            return 'Cannot divide by 0'
        return x * 1.0 / y
--- a/app/requirements.txt
+++ b/app/requirements.txt
@ -1 +0,0 @@
 pytest-cov
--- a/app/test_calculator.py
+++ b/app/test_calculator.py
@ -1,31 +0,0 @@
 from .calculator import Calculator
 def test_add():
    assert Calculator.add(1, 2) == 3.0
    assert Calculator.add(1.0, 2.0) == 3.0
    assert Calculator.add(0, 2.0) == 2.0
    assert Calculator.add(2.0, 0) == 2.0
    assert Calculator.add(-4, 2.0) == -2.0
 def test_subtract():
    assert Calculator.subtract(1, 2) == -1.0
    assert Calculator.subtract(2, 1) == 1.0
    assert Calculator.subtract(1.0, 2.0) == -1.0
    assert Calculator.subtract(0, 2.0) == -2.0
    assert Calculator.subtract(2.0, 0.0) == 2.0
    assert Calculator.subtract(-4, 2.0) == -6.0
 def test_multiply():
    assert Calculator.multiply(1, 2) == 2.0
    assert Calculator.multiply(1.0, 2.0) == 2.0
    assert Calculator.multiply(0, 2.0) == 0.0
    assert Calculator.multiply(2.0, 0.0) == 0.0
    assert Calculator.multiply(-4, 2.0) == -8.0
 def test_divide():
    # assert Calculator.divide(1, 2) == 0.5
    assert Calculator.divide(1.0, 2.0) == 0.5
    assert Calculator.divide(0, 2.0) == 0
    assert Calculator.divide(-4, 2.0) == -2.0
    # assert Calculator.divide(2.0, 0.0) == 'Cannot divide by 0'
--- a/changelog.py
+++ b/changelog.py
@ -1,76 +0,0 @@
 import json
 import re
 import subprocess
 def update_changelog():
    with open('src/version', 'r') as f:
        version = f.read()
    changelog = [f"## v{version}"]
    changelog.append("### What\'s Changed")
    with open('CHANGELOG.md', 'r') as f:
        previous = f.readline().replace("##", '').strip()
    if previous == version:
        print(f"No changes to version {version}")
        return
    print(f"Adding logs from {previous}..v{version}")
    raw_current_branch = subprocess.run([
        "git",
        "branch",
        "--show-current",
    ], capture_output=True)
    current_branch = raw_current_branch.stdout.decode('utf-8').strip()
    raw_commits = subprocess.run([
        "git",
        "log",
        f"{previous}..{current_branch}",
        "--oneline",
    ], capture_output=True)
    commits = [line[:7] for line in raw_commits.stdout.decode('utf-8').split('\n')]
    print(commits)
    prs = set()
    for commit in commits:
        if not commit:
            continue
        commit_output = subprocess.run([
            'gh',
            'pr',
            'list',
            '--json',
            'author,number,title,url',
            '--search',
            f'"{commit}"',
            '--state',
            'merged',
        ], capture_output=True)
        commit_details = commit_output.stdout.decode('utf-8')
        if not commit_details or not json.loads(commit_details):
            continue
        commit_details = json.loads(commit_details)[0]
        if not commit_details['number']:
            continue
        if commit_details['number'] in prs:
            continue
        prs.add(commit_details['number'])
        changelog.append(f"* {commit_details['title']} by @{commit_details['author']['login']} in {commit_details['url']}")
    changelog.append('\n')
    changelog.append(f"**Full Changelog**: https://github.com/codecov/codecov-action/compare/{previous}..v{version}\n")
    with open('CHANGELOG.md', 'r') as f:
        for line in f:
            changelog.append(line.strip())
    with open('CHANGELOG.md', 'w') as f:
        f.write('\n'.join(changelog))
 if __name__=="__main__":
    update_changelog()
--- a/dist/codecov.sh
+++ b/dist/codecov.sh
@ -1,11 +1,12 @@
 #!/usr/bin/env bash
 CC_WRAPPER_VERSION="0.0.23"
 set +u
 say() {
  echo -e "$1"
 }
 exit_if_error() {
  say "$r==> $1$x"
-  if [ "$CC_FAIL_ON_ERROR" = true ];
+  if [ $CC_FAIL_ON_ERROR = true ];
  then
     say "$r    Exiting...$x"
     exit 1;
@ -14,34 +15,22 @@ exit_if_error() {
 lower() {
  echo $(echo $1 | sed 's/CC//' | sed 's/_/-/g' | tr '[:upper:]' '[:lower:]')
 }
-k_arg() {
+write_existing_args() {
-  if [ -n "$(eval echo \$"CC_$1")" ];
+  if [ -n "$(eval echo \$$1)" ];
  then
-    echo "--$(lower "$1")"
+    echo " -$(lower "$1") $(eval echo \$$1)"
  fi
 }
-v_arg() {
+write_truthy_args() {
  if [ -n "$(eval echo \$"CC_$1")" ];
  then
    echo "$(eval echo \$"CC_$1")"
  fi
 }
 write_bool_args() {
  if [ "$(eval echo \$$1)" = "true" ] || [ "$(eval echo \$$1)" = "1" ];
  then
-    echo "-$(lower $1)"
+    echo " -$(lower $1)"
  fi
 }
 b="\033[0;36m"  # variables/constants
 g="\033[0;32m"  # info/debug
 r="\033[0;31m"  # errors
 x="\033[0m"
 retry="--retry 5 --retry-delay 2"
 CC_WRAPPER_VERSION="0.2.7"
 CC_VERSION="${CC_VERSION:-latest}"
 CC_FAIL_ON_ERROR="${CC_FAIL_ON_ERROR:-false}"
 CC_RUN_CMD="${CC_RUN_CMD:-upload-coverage}"
 CC_CLI_TYPE=${CC_CLI_TYPE:-"codecov-cli"}
 say "     _____          _
    / ____|        | |
   | |     ___   __| | ___  ___ _____   __
@ -49,207 +38,165 @@ say "     _____          _
   | |___| (_) | (_| |  __/ (_| (_) \\ V /
    \\_____\\___/ \\__,_|\\___|\\___\\___/ \\_/
                           $r Wrapper-$CC_WRAPPER_VERSION$x
-                           "
+                                  "
-if [[ "$CC_CLI_TYPE" != "codecov-cli" && "$CC_CLI_TYPE" != "sentry-prevent-cli" ]]; then
+CC_VERSION="${CC_VERSION:-latest}"
-  echo "Invalid CC_CLI_TYPE: '$CC_CLI_TYPE'. Must be 'codecov-cli' or 'sentry-prevent-cli'"
+CC_FAIL_ON_ERROR="${CC_FAIL_ON_ERROR:-false}"
  exit 1
 fi
 if [ -n "$CC_BINARY" ];
 then
  if [ -f "$CC_BINARY" ];
  then
-    CC_FILENAME=$CC_BINARY
+    cc_filename=$CC_BINARY
    CC_COMMAND=$CC_BINARY
  else
    exit_if_error "Could not find binary file $CC_BINARY"
  fi
 elif [ "$CC_USE_PYPI" == "true" ];
 then
  if ! pip install "${CC_CLI_TYPE}$([ "$CC_VERSION" == "latest" ] && echo "" || echo "==$CC_VERSION")"; then
    exit_if_error "Could not install via pypi."
    exit
  fi
  CC_COMMAND="${CC_CLI_TYPE}"
 else
  if [ -n "$CC_OS" ];
  then
    say "$g==>$x Overridden OS: $b${CC_OS}$x"
    export cc_os=${CC_OS}
  else
-    CC_OS="windows"
+    CC_OS="linux"
    family=$(uname -s | tr '[:upper:]' '[:lower:]')
-    [[ $family == "darwin" ]] && CC_OS="macos"
+    cc_os="windows"
-    [[ $family == "linux" ]] && CC_OS="linux"
+    [[ $family == "darwin" ]] && cc_os="macos"
-    [[ $CC_OS == "linux" ]] && \
+    [[ $family == "linux" ]] && cc_os="linux"
    [[ $cc_os == "linux" ]] && \
      osID=$(grep -e "^ID=" /etc/os-release | cut -c4-)
-    [[ $osID == "alpine" ]] && CC_OS="alpine"
+    [[ $osID == "alpine" ]] && cc_os="alpine"
-    [[ $(arch) == "aarch64" && $family == "linux" ]] && CC_OS+="-arm64"
+    [[ $(arch) == "aarch64" && $family == "linux" ]] && cc_os+="-arm64"
-    say "$g==>$x Detected $b${CC_OS}$x"
+    say "$g==>$x Detected $b${cc_os}$x"
    export cc_os=${cc_os}
  fi
-  CC_FILENAME="${CC_CLI_TYPE%-cli}"
+  export cc_version=${CC_VERSION}
-  [[ $CC_OS == "windows" ]] && CC_FILENAME+=".exe"
+  cc_filename="codecov"
-  CC_COMMAND="./$CC_FILENAME"
+  [[ $cc_os == "windows" ]] && cc_filename+=".exe"
-  [[ $CC_OS == "macos" ]]  && \
+  export cc_filename=${cc_filename}
  [[ $cc_os == "macos" ]]  && \
    ! command -v gpg 2>&1 >/dev/null && \
    HOMEBREW_NO_AUTO_UPDATE=1 brew install gpg
-  CC_URL="${CC_CLI_URL:-https://cli.codecov.io}"
+  cc_url="https://cli.codecov.io"
-  CC_URL="$CC_URL/${CC_VERSION}"
+  cc_url="$cc_url/${CC_VERSION}"
-  CC_URL="$CC_URL/${CC_OS}/${CC_FILENAME}"
+  cc_url="$cc_url/${cc_os}/${cc_filename}"
-  say "$g ->$x Downloading $b${CC_URL}$x"
+  say "$g ->$x Downloading $b${cc_url}$x"
-  curl -O $retry "$CC_URL"
+  curl -Os $cc_url
-  say "$g==>$x Finishing downloading $b${CC_OS}:${CC_VERSION}$x"
+  say "$g==>$x Finishing downloading $b${cc_os}:${CC_VERSION}$x"
-  v_url="https://cli.codecov.io/api/${CC_OS}/${CC_VERSION}"
+  version_url="https://cli.codecov.io/${cc_os}/${CC_VERSION}"
-  v=$(curl $retry --retry-all-errors -s "$v_url" -H "Accept:application/json" | tr \{ '\n' | tr , '\n' | tr \} '\n' | grep "\"version\"" | awk  -F'"' '{print $4}' | tail -1)
+  version=$(curl -s $version_url -H "Accept:application/json" | jq -r '.version')
-  say "      Version: $b$v$x"
+  say "      Version: $b$version$x"
  say " "
 fi
-if [ "$CC_SKIP_VALIDATION" == "true" ] || [ -n "$CC_BINARY" ] || [ "$CC_USE_PYPI" == "true" ];
+if [ "$CC_SKIP_VALIDATION" = "true" ] || [ -n "$CC_BINARY" ];
 then
-  say "$r==>$x Bypassing validation..."
+  say "$r==>$x Bypassing validation as requested by user"
  if [ "$CC_SKIP_VALIDATION" == "true" ];
  then
    chmod +x "$CC_COMMAND"
  fi
 else
-  echo "$(curl -s https://keybase.io/codecovsecurity/pgp_keys.asc)" | \
+CC_PUBLIC_PGP_KEY=$(curl -s https://keybase.io/codecovsecurity/pgp_keys.asc)
  echo "${CC_PUBLIC_PGP_KEY}"  | \
    gpg --no-default-keyring --import
  # One-time step
  say "$g==>$x Verifying GPG signature integrity"
  sha_url="https://cli.codecov.io"
-  sha_url="${sha_url}/${CC_VERSION}/${CC_OS}"
+  sha_url="${sha_url}/${cc_version}/${cc_os}"
-  sha_url="${sha_url}/${CC_FILENAME}.SHA256SUM"
+  sha_url="${sha_url}/${cc_filename}.SHA256SUM"
  say "$g ->$x Downloading $b${sha_url}$x"
  say "$g ->$x Downloading $b${sha_url}.sig$x"
  say " "
-  curl -Os $retry --connect-timeout 2 "$sha_url"
+  curl -Os --retry 5 --retry-delay 2 --connect-timeout 2 "$sha_url"
-  curl -Os $retry --connect-timeout 2 "${sha_url}.sig"
+  curl -Os --retry 5 --retry-delay 2 --connect-timeout 2 "${sha_url}.sig"
-  if ! gpg --verify "${CC_FILENAME}.SHA256SUM.sig" "${CC_FILENAME}.SHA256SUM";
+  if ! gpg --verify "${cc_filename}.SHA256SUM.sig" "${cc_filename}.SHA256SUM";
  then
    exit_if_error "Could not verify signature. Please contact Codecov if problem continues"
  fi
-  if ! (shasum -a 256 -c "${CC_FILENAME}.SHA256SUM" 2>/dev/null || \
+  if ! (shasum -a 256 -c "${cc_filename}.SHA256SUM" || \
-    sha256sum -c "${CC_FILENAME}.SHA256SUM");
+    sha256sum -c "${cc_filename}.SHA256SUM");
  then
    exit_if_error "Could not verify SHASUM. Please contact Codecov if problem continues"
  fi
  say "$g==>$x CLI integrity verified"
  say
  chmod +x "$CC_COMMAND"
 fi
-if [ -n "$CC_BINARY_LOCATION" ];
+cc_cli_args=()
-then
+cc_cli_args+=( $(write_existing_args CC_AUTO_LOAD_PARAMS_FROM) )
-  mkdir -p "$CC_BINARY_LOCATION" && mv "$CC_FILENAME" $_
+cc_cli_args+=( $(write_existing_args CC_ENTERPRISE_URL) )
-  say "$g==>$x ${CC_CLI_TYPE} binary moved to ${CC_BINARY_LOCATION}"
+cc_cli_args+=( $(write_existing_args CC_YML_PATH) )
-fi
+cc_cli_args+=( $(write_truthy_args CC_VERBOSE) )
-if [ "$CC_DOWNLOAD_ONLY" = "true" ];
+cc_cc_args=()
-then
+cc_cc_args+=( $(write_truthy_args CC_FAIL_ON_ERROR) )
-  say "$g==>$x ${CC_CLI_TYPE} download only called. Exiting..."
+cc_cc_args+=( $(write_existing_args CC_GIT_SERVICE) )
-  exit
+cc_cc_args+=( $(write_existing_args CC_PARENT_SHA) )
-fi
+cc_cc_args+=( $(write_existing_args CC_PR) )
-CC_CLI_ARGS=()
+cc_cc_args+=( $(write_existing_args CC_SHA) )
-CC_CLI_ARGS+=( $(k_arg AUTO_LOAD_PARAMS_FROM) $(v_arg AUTO_LOAD_PARAMS_FROM))
+cc_cc_args+=( $(write_existing_args CC_SLUG) )
-CC_CLI_ARGS+=( $(k_arg ENTERPRISE_URL) $(v_arg ENTERPRISE_URL))
+cc_create_report_args=()
-if [ -n "$CC_YML_PATH" ]
+cc_cr_args+=( $(write_existing_args CC_CODE) )
-then
+cc_cr_args+=( $(write_truthy_args CC_FAIL_ON_ERROR) )
-  CC_CLI_ARGS+=( "--codecov-yml-path" )
+cc_cr_args+=( $(write_existing_args CC_GIT_SERVICE) )
-  CC_CLI_ARGS+=( "$CC_YML_PATH" )
+cc_cr_args+=( $(write_existing_args CC_PR) )
-fi
+cc_cr_args+=( $(write_existing_args CC_SHA) )
-CC_CLI_ARGS+=( $(write_bool_args CC_DISABLE_TELEM) )
+cc_cr_args+=( $(write_existing_args CC_SLUG) )
-CC_CLI_ARGS+=( $(write_bool_args CC_VERBOSE) )
+cc_du_args=()
 CC_ARGS=()
 if [ "$CC_RUN_CMD" == "upload-coverage" ]; then
 # Args for create commit
 CC_ARGS+=( $(write_bool_args CC_FAIL_ON_ERROR) )
 CC_ARGS+=( $(k_arg GIT_SERVICE) $(v_arg GIT_SERVICE))
 CC_ARGS+=( $(k_arg PARENT_SHA) $(v_arg PARENT_SHA))
 CC_ARGS+=( $(k_arg PR) $(v_arg PR))
 CC_ARGS+=( $(k_arg SHA) $(v_arg SHA))
 CC_ARGS+=( $(k_arg SLUG) $(v_arg SLUG))
 # Args for create report
 CC_ARGS+=( $(k_arg CODE) $(v_arg CODE))
 # Args for do upload
 CC_ARGS+=( $(k_arg ENV) $(v_arg ENV))
 OLDIFS=$IFS;IFS=,
-CC_ARGS+=( $(k_arg BRANCH) $(v_arg BRANCH))
+cc_du_args+=( $(write_existing_args CC_BRANCH) )
-CC_ARGS+=( $(k_arg BUILD) $(v_arg BUILD))
+cc_du_args+=( $(write_existing_args CC_BUILD) )
-CC_ARGS+=( $(k_arg BUILD_URL) $(v_arg BUILD_URL))
+cc_du_args+=( $(write_existing_args CC_BUILD_URL) )
-CC_ARGS+=( $(k_arg DIR) $(v_arg DIR))
+cc_du_args+=( $(write_existing_args CC_CODE) )
-CC_ARGS+=( $(write_bool_args CC_DISABLE_FILE_FIXES) )
+cc_du_args+=( $(write_existing_args CC_DIR) )
-CC_ARGS+=( $(write_bool_args CC_DISABLE_SEARCH) )
+cc_du_args+=( $(write_truthy_args CC_DISABLE_FILE_FIXES) )
-CC_ARGS+=( $(write_bool_args CC_DRY_RUN) )
+cc_du_args+=( $(write_truthy_args CC_DISABLE_SEARCH) )
 cc_du_args+=( $(write_truthy_args CC_DRY_RUN) )
 cc_du_args+=( $(write_existing_args CC_ENV) )
 if [ -n "$CC_EXCLUDES" ];
 then
  for directory in $CC_EXCLUDES; do
-    CC_ARGS+=( "--exclude" "$directory" )
+    cc_du_args+=( " --exclude " "$directory" )
  done
 fi
 cc_du_args+=( $(write_truthy_args CC_FAIL_ON_ERROR) )
 if [ -n "$CC_FILES" ];
 then
  for file in $CC_FILES; do
-    CC_ARGS+=( "--file" "$file" )
+    cc_du_args+=( " --file " "$file" )
  done
 fi
 if [ -n "$CC_FLAGS" ];
 then
  for flag in $CC_FLAGS; do
-    CC_ARGS+=( "--flag" "$flag" )
+    cc_du_args+=( " --flag " "$flag" )
  done
 fi
-CC_ARGS+=( $(k_arg GCOV_ARGS) $(v_arg GCOV_ARGS))
+cc_du_args+=( $(write_existing_args CC_GCOV_ARGS) )
-CC_ARGS+=( $(k_arg GCOV_EXECUTABLE) $(v_arg GCOV_EXECUTABLE))
+cc_du_args+=( $(write_existing_args CC_GCOV_EXECUTABLE) )
-CC_ARGS+=( $(k_arg GCOV_IGNORE) $(v_arg GCOV_IGNORE))
+cc_du_args+=( $(write_existing_args CC_GCOV_IGNORE) )
-CC_ARGS+=( $(k_arg GCOV_INCLUDE) $(v_arg GCOV_INCLUDE))
+cc_du_args+=( $(write_existing_args CC_GCOV_INCLUDE) )
-CC_ARGS+=( $(write_bool_args CC_HANDLE_NO_REPORTS_FOUND) )
+cc_du_args+=( $(write_existing_args CC_GIT_SERVICE) )
-CC_ARGS+=( $(write_bool_args CC_RECURSE_SUBMODULES) )
+cc_du_args+=( $(write_truthy_args CC_HANDLE_NO_REPORTS_FOUND) )
-CC_ARGS+=( $(k_arg JOB_CODE) $(v_arg JOB_CODE))
+cc_du_args+=( $(write_existing_args CC_JOB_CODE) )
-CC_ARGS+=( $(write_bool_args CC_LEGACY) )
+cc_du_args+=( $(write_truthy_args CC_LEGACY) )
-if [ -n "$CC_NAME" ];
+cc_du_args+=( $(write_existing_args CC_NAME) )
-then
+cc_du_args+=( $(write_existing_args CC_NETWORK_FILTER) )
-  CC_ARGS+=( "--name" "$CC_NAME" )
+cc_du_args+=( $(write_existing_args CC_NETWORK_PREFIX) )
-fi
+cc_du_args+=( $(write_existing_args CC_NETWORK_ROOT_FOLDER) )
 CC_ARGS+=( $(k_arg NETWORK_FILTER) $(v_arg NETWORK_FILTER))
 CC_ARGS+=( $(k_arg NETWORK_PREFIX) $(v_arg NETWORK_PREFIX))
 CC_ARGS+=( $(k_arg NETWORK_ROOT_FOLDER) $(v_arg NETWORK_ROOT_FOLDER))
 if [ -n "$CC_PLUGINS" ];
 then
  for plugin in $CC_PLUGINS; do
-    CC_ARGS+=( "--plugin" "$plugin" )
+    cc_du_args+=( " --plugin " "$plugin" )
  done
 fi
-CC_ARGS+=( $(k_arg REPORT_TYPE) $(v_arg REPORT_TYPE))
+cc_du_args+=( $(write_existing_args CC_PR) )
-CC_ARGS+=( $(k_arg SWIFT_PROJECT) $(v_arg SWIFT_PROJECT))
+cc_du_args+=( $(write_existing_args CC_REPORT_TYPE) )
 cc_du_args+=( $(write_existing_args CC_SHA) )
 cc_du_args+=( $(write_existing_args CC_SLUG) )
 cc_du_args+=( $(write_existing_args CC_SWIFT_PROJECT) )
 IFS=$OLDIFS
 elif [ "$CC_RUN_CMD" == "empty-upload" ]; then
 CC_ARGS+=( $(k_arg BRANCH) $(v_arg BRANCH))
 CC_ARGS+=( $(write_bool_args CC_FAIL_ON_ERROR) )
 CC_ARGS+=( $(write_bool_args CC_FORCE) )
 CC_ARGS+=( $(k_arg GIT_SERVICE) $(v_arg GIT_SERVICE))
 CC_ARGS+=( $(k_arg PARENT_SHA) $(v_arg PARENT_SHA))
 CC_ARGS+=( $(k_arg PR) $(v_arg PR))
 CC_ARGS+=( $(k_arg SHA) $(v_arg SHA))
 CC_ARGS+=( $(k_arg SLUG) $(v_arg SLUG))
 elif [ "$CC_RUN_CMD" == "pr-base-picking" ]; then
 CC_ARGS+=( $(k_arg BASE_SHA) $(v_arg BASE_SHA))
 CC_ARGS+=( $(k_arg PR) $(v_arg PR))
 CC_ARGS+=( $(k_arg SLUG) $(v_arg SLUG))
 CC_ARGS+=( $(k_arg SERVICE) $(v_arg SERVICE))
 elif [ "$CC_RUN_CMD" == "send-notifications" ]; then
 CC_ARGS+=( $(k_arg SHA) $(v_arg SHA))
 CC_ARGS+=( $(write_bool_args CC_FAIL_ON_ERROR) )
 CC_ARGS+=( $(k_arg GIT_SERVICE) $(v_arg GIT_SERVICE))
 CC_ARGS+=( $(k_arg SLUG) $(v_arg SLUG))
 else
  exit_if_error "Invalid run command specified: $CC_RUN_CMD"
  exit
 fi
 unset NODE_OPTIONS
-# github.com/codecov/uploader/issues/475
+# See https://github.com/codecov/uploader/issues/475
 chmod +x $cc_filename
 if [ -n "$CC_TOKEN_VAR" ];
 then
  token="$(eval echo \$$CC_TOKEN_VAR)"
 else
  token="$(eval echo $CC_TOKEN)"
 fi
-say "$g ->$x Token length: ${#token}"
+say "$g ->$x Token of length ${#token} detected"
 token_str=""
 token_arg=()
 if [ -n "$token" ];
@ -257,13 +204,35 @@ then
  token_str+=" -t <redacted>"
  token_arg+=( " -t " "$token")
 fi
-say "$g==>$x Running $CC_RUN_CMD"
+say "$g==>$x Running create-commit"
-say "      $b$CC_COMMAND $(echo "${CC_CLI_ARGS[@]}") $CC_RUN_CMD$token_str $(echo "${CC_ARGS[@]}")$x"
+say "      $b./$cc_filename $(echo "${cc_cli_args[@]}") create-commit$token_str $(echo "${cc_cc_args[@]}")$x"
-if ! $CC_COMMAND \
+if ! ./$cc_filename \
-  ${CC_CLI_ARGS[*]} \
+  ${cc_cli_args[*]} \
-  ${CC_RUN_CMD} \
+  create-commit \
  ${token_arg[*]} \
-  "${CC_ARGS[@]}";
+  ${cc_cc_args[*]};
 then
-  exit_if_error "Failed to run $CC_RUN_CMD"
+  exit_if_error "Failed to create-commit"
 fi
 say " "
 say "$g==>$x Running create-report"
 say "      $b./$cc_filename $(echo "${cc_cli_args[@]}") create-report$token_str $(echo "${cc_cr_args[@]}")$x"
 if ! ./$cc_filename \
  ${cc_cli_args[*]} \
  create-report \
  ${token_arg[*]} \
  ${cc_cr_args[*]};
 then
  exit_if_error "Failed to create-report"
 fi
 say " "
 say "$g==>$x Running do-upload"
 say "      $b./$cc_filename $(echo "${cc_cli_args[@]}") do-upload$token_str $(echo "${cc_du_args[@]}")$x"
 if ! ./$cc_filename \
  ${cc_cli_args[*]} \
  do-upload \
  ${token_arg[*]} \
  ${cc_du_args[*]};
 then
  exit_if_error "Failed to upload"
 fi
--- a/hooks/pre-commit
+++ b/hooks/pre-commit
@ -4,10 +4,3 @@ set -e
 cp src/scripts/dist/codecov.sh dist/codecov.sh
 git add dist/codecov.sh
 git diff --cached --name-only | if grep --quiet "src/version"
 then
    python changelog.py
 fi
 git add CHANGELOG.md
--- a/src/scripts
+++ b/src/scripts
@ -1 +1 @@
-Subproject commit 473e2924695f5dbe1cca4a5f6f8a7182c2ddadc5
+Subproject commit c4d213e6887bffb87543c40cd3bb8eb93b264221
--- a/src/version
+++ b/src/version
@ -1 +1 @@
-5.5.2
+CODECOV_ACTION_VERSION="5.0.0"
		`@ -1 +1 @@`
			`Subproject commit 473e2924695f5dbe1cca4a5f6f8a7182c2ddadc5`				`Subproject commit c4d213e6887bffb87543c40cd3bb8eb93b264221`