From aec954ce4352680be52b1d5b5754cb48ecbe4e1d Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Thu, 27 Feb 2025 09:29:17 +0100
Subject: [PATCH] chore(deps): update codecov/codecov-action action to v5.4.0
 (#6380)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
|
[codecov/codecov-action](https://redirect.github.com/codecov/codecov-action)
| action | minor | `v5.3.1` -> `v5.4.0` |

---

### Release Notes

<details>
<summary>codecov/codecov-action (codecov/codecov-action)</summary>

###
[`v5.4.0`](https://redirect.github.com/codecov/codecov-action/blob/HEAD/CHANGELOG.md#v540)

[Compare
Source](https://redirect.github.com/codecov/codecov-action/compare/v5.3.1...v5.4.0)

##### What's Changed

- update wrapper submodule to 0.2.0, add recurse_submodules arg by
[@&#8203;matt-codecov](https://redirect.github.com/matt-codecov) in
[https://github.com/codecov/codecov-action/pull/1780](https://redirect.github.com/codecov/codecov-action/pull/1780)
- build(deps): bump actions/upload-artifact from 4.6.0 to 4.6.1 by
[@&#8203;app/dependabot](https://redirect.github.com/app/dependabot) in
[https://github.com/codecov/codecov-action/pull/1775](https://redirect.github.com/codecov/codecov-action/pull/1775)
- build(deps): bump ossf/scorecard-action from 2.4.0 to 2.4.1 by
[@&#8203;app/dependabot](https://redirect.github.com/app/dependabot) in
[https://github.com/codecov/codecov-action/pull/1776](https://redirect.github.com/codecov/codecov-action/pull/1776)
- build(deps): bump github/codeql-action from 3.28.9 to 3.28.10 by
[@&#8203;app/dependabot](https://redirect.github.com/app/dependabot) in
[https://github.com/codecov/codecov-action/pull/1777](https://redirect.github.com/codecov/codecov-action/pull/1777)
- Clarify in README that `use_pypi` bypasses integrity checks too by
[@&#8203;webknjaz](https://redirect.github.com/webknjaz) in
[https://github.com/codecov/codecov-action/pull/1773](https://redirect.github.com/codecov/codecov-action/pull/1773)
- Fix use of safe.directory inside containers by
[@&#8203;Flamefire](https://redirect.github.com/Flamefire) in
[https://github.com/codecov/codecov-action/pull/1768](https://redirect.github.com/codecov/codecov-action/pull/1768)
- Fix description for report_type input by
[@&#8203;craigscott-crascit](https://redirect.github.com/craigscott-crascit)
in
[https://github.com/codecov/codecov-action/pull/1770](https://redirect.github.com/codecov/codecov-action/pull/1770)
- build(deps): bump github/codeql-action from 3.28.8 to 3.28.9 by
[@&#8203;app/dependabot](https://redirect.github.com/app/dependabot) in
[https://github.com/codecov/codecov-action/pull/1765](https://redirect.github.com/codecov/codecov-action/pull/1765)
- Fix a typo in the example by
[@&#8203;miranska](https://redirect.github.com/miranska) in
[https://github.com/codecov/codecov-action/pull/1758](https://redirect.github.com/codecov/codecov-action/pull/1758)
- build(deps): bump github/codeql-action from 3.28.5 to 3.28.8 by
[@&#8203;app/dependabot](https://redirect.github.com/app/dependabot) in
[https://github.com/codecov/codecov-action/pull/1757](https://redirect.github.com/codecov/codecov-action/pull/1757)
- build(deps): bump github/codeql-action from 3.28.1 to 3.28.5 by
[@&#8203;app/dependabot](https://redirect.github.com/app/dependabot) in
[https://github.com/codecov/codecov-action/pull/1753](https://redirect.github.com/codecov/codecov-action/pull/1753)

**Full Changelog**:
https://github.com/codecov/codecov-action/compare/v5.3.1..v5.4.0

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR is behind base branch, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR was generated by [Mend Renovate](https://mend.io/renovate/).
View the [repository job
log](https://developer.mend.io/github/open-telemetry/opentelemetry-go).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4xNzYuMiIsInVwZGF0ZWRJblZlciI6IjM5LjE3Ni4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJTa2lwIENoYW5nZWxvZyIsImRlcGVuZGVuY2llcyJdfQ==-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: dmathieu <42@dmathieu.com>
---
 .github/workflows/ci.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 69d2ab009..ad152d01c 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -124,7 +124,7 @@ jobs:
         with:
           pattern: coverage-artifacts-${{ env.DEFAULT_GO_VERSION }}
       - name: Upload coverage report
-        uses: codecov/codecov-action@13ce06bfc6bbe3ecf90edbbf1bc32fe5978ca1d3 # v5.3.1
+        uses: codecov/codecov-action@0565863a31f2c772f9f0395002a31e3f06189574 # v5.4.0
         with:
           fail_ci_if_error: true
           files: ./coverage.txt