evaluate codecov/codecov-action v4 token
spencerschrock opened this issue · comments
Spencer Schrock commented
As of v4, a token is required for upload.
Changelog link
Some of our uploading workflows are in a pull_request
trigger, which won't have access to secrets, and switching to pull_request_target
just for that isn't worth the risk.
See this discussion for context: #3857 (comment)
Perhaps tokenless uploading will come back in later versions? maybe we use a different way of visualizing codecov?
github-actions commented
This issue has been marked stale because it has been open for 60 days with no activity.