chore(deps)(deps): bump codecov/codecov-action from 6.0.1 to 7.0.0

[dependabot]

Bumps codecov/codecov-action from 6.0.1 to 7.0.0.

Release notes

Sourced from codecov/codecov-action's releases.

v7.0.0

⚠️ Due to migration issues with keybase, we are unable to update our keys under the codecovsecurity account. We have deleted the account and are using codecovsecops with the original gpg key

What's Changed

• ci: remove Enforce License Compliance workflow by @​thomasrockhu-codecov in codecov/codecov-action#1950
• chore(release): 7.0.0 by @​thomasrockhu-codecov in codecov/codecov-action#1957

Full Changelog: codecov/codecov-action@v6.0.1...v7.0.0

v6.0.2

This is a copy of the v7.0.0 release to make updates easier

What's Changed

• ci: remove Enforce License Compliance workflow by @​thomasrockhu-codecov in codecov/codecov-action#1950
• chore(release): 7.0.0 by @​thomasrockhu-codecov in codecov/codecov-action#1957

Full Changelog: codecov/codecov-action@v6.0.1...v6.0.2

Changelog

Sourced from codecov/codecov-action's changelog.

v5.5.2

What's Changed

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.5.1..v5.5.2

v5.5.1

What's Changed

• fix: overwrite pr number on fork by @​thomasrockhu-codecov in codecov/codecov-action#1871
• build(deps): bump actions/checkout from 4.2.2 to 5.0.0 by @​app/dependabot in codecov/codecov-action#1868
• build(deps): bump github/codeql-action from 3.29.9 to 3.29.11 by @​app/dependabot in codecov/codecov-action#1867
• fix: update to use local app/ dir by @​thomasrockhu-codecov in codecov/codecov-action#1872
• docs: fix typo in README by @​datalater in codecov/codecov-action#1866
• Document a codecov-cli version reference example by @​webknjaz in codecov/codecov-action#1774
• build(deps): bump github/codeql-action from 3.28.18 to 3.29.9 by @​app/dependabot in codecov/codecov-action#1861
• build(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by @​app/dependabot in codecov/codecov-action#1833

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.5.0..v5.5.1

v5.5.0

What's Changed

• feat: upgrade wrapper to 0.2.4 by @​jviall in codecov/codecov-action#1864
• Pin actions/github-script by Git SHA by @​martincostello in codecov/codecov-action#1859
• fix: check reqs exist by @​joseph-sentry in codecov/codecov-action#1835
• fix: Typo in README by @​spalmurray in codecov/codecov-action#1838
• docs: Refine OIDC docs by @​spalmurray in codecov/codecov-action#1837
• build(deps): bump github/codeql-action from 3.28.17 to 3.28.18 by @​app/dependabot in codecov/codecov-action#1829

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.4.3..v5.5.0

v5.4.3

What's Changed

• build(deps): bump github/codeql-action from 3.28.13 to 3.28.17 by @​app/dependabot in codecov/codecov-action#1822
• fix: OIDC on forks by @​joseph-sentry in codecov/codecov-action#1823

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.4.2..v5.4.3

v5.4.2

... (truncated)

Commits

• fb8b358 chore(release): 7.0.0 (#1957)
• ca0a928 ci: remove Enforce License Compliance workflow (#1950)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Summary by CodeRabbit

• Chores
  • Updated CI/CD workflow configuration to maintain build and test infrastructure reliability.

[dependabot]

Labels

The following labels could not be found: automated, github-actions. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[coderabbitai]

📝 Walkthrough

Walkthrough

This PR updates the pinned GitHub Actions version for the codecov/codecov-action used in the test workflow. A single commit SHA reference is changed in the coverage upload step, with all other workflow configuration remaining unchanged.

Changes

CI Workflow Dependencies

Layer / File(s)	Summary
Codecov action version pinning .github/workflows/tests.yml	The codecov/codecov-action@v5 pinned commit SHA is updated to a new version in the test coverage upload step.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Poem

🐰 A pin updated with care,
Codecov's action waits there,
Coverage flows with the change,
Tests stay within range! 📊✨

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately reflects the main change: a dependency bump of codecov/codecov-action from v6.0.1 to v7.0.0, which matches the raw summary and PR objectives.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch dependabot/github_actions/codecov/codecov-action-7.0.0

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In @.github/workflows/tests.yml:
- Line 58: Update the inline comment that documents the pinned codecov action
version: the workflow currently uses the commit SHA
"codecov/codecov-action@fb8b3582c8e4def4969c97caa2f19720cb33a72f" while the
trailing comment reads "# v5"; change that comment to "# v7" (or "# v7.0.0") to
reflect the actual upstream tag that contains this SHA, or replace the pinned
SHA with the intended release tag if you meant to stick to v5 instead.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro Plus

Run ID: a61ab10e-9a72-4c00-a7ff-5e85cf01d60f

📥 Commits

Reviewing files that changed from the base of the PR and between cf58e32 and a991d3b.

📒 Files selected for processing (1)

• .github/workflows/tests.yml

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Description: Verify the version tag for the codecov-action commit SHA

# Check what tags point to this commit
git clone --filter=blob:none --no-checkout https://github.com/codecov/codecov-action.git /tmp/codecov-action 2>/dev/null
cd /tmp/codecov-action
git fetch --tags 2>/dev/null
echo "Tags containing commit fb8b3582c8e4def4969c97caa2f19720cb33a72f:"
git tag --contains fb8b3582c8e4def4969c97caa2f19720cb33a72f 2>/dev/null | head -20
echo ""
echo "Checking if this is v7.0.0:"
git rev-parse v7.0.0 2>/dev/null
echo "Actual commit SHA: fb8b3582c8e4def4969c97caa2f19720cb33a72f"

Repository: somethingwithproof/cloudflare-ufw-sync

Length of output: 297

---

Fix version tag/comment mismatch for codecov action.

Line 58 pins codecov/codecov-action@fb8b3582c8e4def4969c97caa2f19720cb33a72f, but the inline comment still says # v5. The pinned commit is contained in the upstream v7/v7.0.0 tags, so update the comment to # v7 (or # v7.0.0), or replace the SHA if you intended a different release.

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.github/workflows/tests.yml at line 58, Update the inline comment that
documents the pinned codecov action version: the workflow currently uses the
commit SHA "codecov/codecov-action@fb8b3582c8e4def4969c97caa2f19720cb33a72f"
while the trailing comment reads "# v5"; change that comment to "# v7" (or "#
v7.0.0") to reflect the actual upstream tag that contains this SHA, or replace
the pinned SHA with the intended release tag if you meant to stick to v5
instead.