Skip to content

build(deps): bump codecov/codecov-action from 5 to 6#589

Open
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/github_actions/codecov/codecov-action-6
Open

build(deps): bump codecov/codecov-action from 5 to 6#589
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/github_actions/codecov/codecov-action-6

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 26, 2026
edited by coderabbitai bot
Loading

Bumps codecov/codecov-action from 5 to 6.

Release notes

Sourced from codecov/codecov-action's releases.

v6.0.0

⚠️ This version introduces support for node24 which make cause breaking changes for systems that do not currently support node24. ⚠️

What's Changed

Full Changelog: codecov/codecov-action@v5.5.4...v6.0.0

v5.5.4

This is a mirror of v5.5.2. v6 will be released which requires node24

What's Changed

Full Changelog: codecov/codecov-action@v5.5.3...v5.5.4

v5.5.3

What's Changed

Full Changelog: codecov/codecov-action@v5.5.2...v5.5.3

v5.5.2

What's Changed

New Contributors

Full Changelog: codecov/codecov-action@v5.5.1...v5.5.2

v5.5.1

What's Changed

... (truncated)

Changelog

Sourced from codecov/codecov-action's changelog.

v5.5.2

What's Changed

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.5.1..v5.5.2

v5.5.1

What's Changed

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.5.0..v5.5.1

v5.5.0

What's Changed

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.4.3..v5.5.0

v5.4.3

What's Changed

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.4.2..v5.4.3

v5.4.2

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Summary by CodeRabbit

  • Chores
    • Updated code coverage reporting tool to the latest version for improved reliability and compatibility.

@dependabot
build(deps): bump codecov/codecov-action from 5 to 6
a333c51 
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 5 to 6.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](codecov/codecov-action@v5...v6)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Mar 26, 2026
@openshift-ci
Copy link

openshift-ci bot commented Mar 26, 2026

Hi @dependabot[bot]. Thanks for your PR.

I'm waiting for a codeready-toolchain member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work.

Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@coderabbitai
Copy link

coderabbitai bot commented Mar 26, 2026
edited
Loading

Walkthrough

Updated the Codecov GitHub Action version in the upload-coverage workflow from v5 to v6 without modifying any workflow steps, conditions, or control flow logic.

Changes

Cohort / File(s) Summary
GitHub Actions Workflow
.github/workflows/upload-coverage.yml		 Updated codecov-action from v5 to v6.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

🚥 Pre-merge checks | ✅ 3
✅ Passed checks (3 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title accurately describes the main change: bumping codecov/codecov-action from version 5 to 6, which matches the single file change in the changeset.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch dependabot/github_actions/codecov/codecov-action-6

Comment @coderabbitai help to get the list of available commands and usage tips.

@sonarqubecloud
Copy link

sonarqubecloud bot commented Mar 26, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

coderabbitai[bot]
coderabbitai bot reviewed Mar 26, 2026
View reviewed changes
Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents 
Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.github/workflows/upload-coverage.yml:
- Line 22: The workflow currently references a non-existent action version
"codecov/codecov-action@v6"; update the uses entry in the GitHub Actions
workflow (the line containing uses: codecov/codecov-action@v6) to a valid v5
release (e.g., uses: codecov/codecov-action@v5 or pin to uses:
codecov/codecov-action@v5.5.3) to restore a real, supported version.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: a668ce11-f536-4d18-ad88-8aeb59afbea2

📥 Commits

Reviewing files that changed from the base of the PR and between ec5eedc and a333c51.

📒 Files selected for processing (1)
  • .github/workflows/upload-coverage.yml

.github/workflows/upload-coverage.yml

- name: Upload to Codecov
uses: codecov/codecov-action@v5
uses: codecov/codecov-action@v6
Copy link

@coderabbitai coderabbitai bot Mar 26, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

🌐 Web query:

codecov-action v6 migration guide breaking changes from v5

💡 Result:

No v6 version of codecov-action exists as of 2026-03-26. The latest release is v5.5.3 (March 2026). The most recent major version is v5.0.0, which introduced breaking changes from v4, but there are no v6 migration guides or breaking changes because v6 has not been released. For reference, v5 breaking changes from v4 (detailed in official CHANGELOG and README): - Uses Codecov Wrapper (encapsulates CLI for faster updates). - Deprecated file → use files; plugin → use plugins. - New inputs: binary, gcov_args, gcov_executable, gcov_ignore, gcov_include, report_type, skip_validation, swift_project. - Tokenless uploads for public repos (opt-out in Codecov settings); forks/PRs supported automatically. - Dependabot needs CODECOV_TOKEN secret access. Continue using @v5 (e.g., uses: codecov/codecov-action@v5) for the latest stable features. Check https://github.com/codecov/codecov-action/releases for updates.

Citations:

🏁 Script executed:

#!/bin/bash
# Description: Find all uses of codecov/codecov-action to ensure consistent updates

# Search for codecov-action usage across all workflow files
rg -n 'codecov/codecov-action' --glob '.github/workflows/*.yml' --glob '.github/workflows/*.yaml'

Repository: codeready-toolchain/registration-service

Length of output: 232

🏁 Script executed:

#!/bin/bash
# Verify the file exists and check its content
ls -la .github/workflows/upload-coverage.yml 2>/dev/null && echo "=== File found ===" || echo "File not found"

# List all files in .github/workflows to understand structure
echo "=== Workflow files available ==="
find .github/workflows -type f 2>/dev/null | head -20

# Search for codecov-action without glob restrictions
echo "=== Searching for codecov-action usage ==="
rg 'codecov/codecov-action' --max-count 20

Repository: codeready-toolchain/registration-service

Length of output: 581

🏁 Script executed:

#!/bin/bash
# Read the actual file to see what's on line 22
echo "=== Full content of upload-coverage.yml ==="
cat -n .github/workflows/upload-coverage.yml

Repository: codeready-toolchain/registration-service

Length of output: 1305

Revert codecov/codecov-action to v5—v6 does not exist.

The change to codecov/codecov-action@v6 references a non-existent version. As of March 2026, the latest release is v5.5.3. Version 6 has never been released. Update line 22 back to v5 (e.g., uses: codecov/codecov-action@v5 or pin to @v5.5.3 for stability).

🤖 Prompt for AI Agents 
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/upload-coverage.yml at line 22, The workflow currently
references a non-existent action version "codecov/codecov-action@v6"; update the
uses entry in the GitHub Actions workflow (the line containing uses:
codecov/codecov-action@v6) to a valid v5 release (e.g., uses:
codecov/codecov-action@v5 or pin to uses: codecov/codecov-action@v5.5.3) to
restore a real, supported version.

@alexeykazakov
Copy link
Contributor

alexeykazakov commented Mar 26, 2026

/ok-to-test

@openshift-ci
Copy link

openshift-ci bot commented Mar 26, 2026

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: alexeykazakov, dependabot[bot]

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci
Copy link

openshift-ci bot commented Mar 26, 2026

@dependabot[bot]: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
ci/prow/e2e a333c51 link true /test e2e

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

@alexeykazakov alexeykazakov alexeykazakov approved these changes

@MatousJobanek MatousJobanek Awaiting requested review from MatousJobanek

@rsoaresd rsoaresd Awaiting requested review from rsoaresd

Assignees

No one assigned

Labels

approved dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code ok-to-test

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@alexeykazakov