ci: bump codecov/codecov-action from 5.5.2 to 5.5.3

[dependabot]

Bumps codecov/codecov-action from 5.5.2 to 5.5.3.

Release notes

Sourced from codecov/codecov-action's releases.

v5.5.3

What's Changed

• build(deps): bump actions/github-script from 7.0.1 to 8.0.0 by @​dependabot[bot] in codecov/codecov-action#1874
• chore(release): bump to 5.5.3 by @​thomasrockhu-codecov in codecov/codecov-action#1922

Full Changelog: codecov/codecov-action@v5.5.2...v5.5.3

Changelog

Sourced from codecov/codecov-action's changelog.

v5.5.2

What's Changed

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.5.1..v5.5.2

v5.5.1

What's Changed

• fix: overwrite pr number on fork by @​thomasrockhu-codecov in codecov/codecov-action#1871
• build(deps): bump actions/checkout from 4.2.2 to 5.0.0 by @​app/dependabot in codecov/codecov-action#1868
• build(deps): bump github/codeql-action from 3.29.9 to 3.29.11 by @​app/dependabot in codecov/codecov-action#1867
• fix: update to use local app/ dir by @​thomasrockhu-codecov in codecov/codecov-action#1872
• docs: fix typo in README by @​datalater in codecov/codecov-action#1866
• Document a codecov-cli version reference example by @​webknjaz in codecov/codecov-action#1774
• build(deps): bump github/codeql-action from 3.28.18 to 3.29.9 by @​app/dependabot in codecov/codecov-action#1861
• build(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by @​app/dependabot in codecov/codecov-action#1833

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.5.0..v5.5.1

v5.5.0

What's Changed

• feat: upgrade wrapper to 0.2.4 by @​jviall in codecov/codecov-action#1864
• Pin actions/github-script by Git SHA by @​martincostello in codecov/codecov-action#1859
• fix: check reqs exist by @​joseph-sentry in codecov/codecov-action#1835
• fix: Typo in README by @​spalmurray in codecov/codecov-action#1838
• docs: Refine OIDC docs by @​spalmurray in codecov/codecov-action#1837
• build(deps): bump github/codeql-action from 3.28.17 to 3.28.18 by @​app/dependabot in codecov/codecov-action#1829

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.4.3..v5.5.0

v5.4.3

What's Changed

• build(deps): bump github/codeql-action from 3.28.13 to 3.28.17 by @​app/dependabot in codecov/codecov-action#1822
• fix: OIDC on forks by @​joseph-sentry in codecov/codecov-action#1823

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.4.2..v5.4.3

v5.4.2

... (truncated)

Commits

• 1af5884 chore(release): bump to 5.5.3 (#1922)
• c143300 build(deps): bump actions/github-script from 7.0.1 to 8.0.0 (#1874)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Labels

The following labels could not be found: dependencies, github-actions. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[greptile-apps]

Greptile Summary

This PR is a routine Dependabot bump of codecov/codecov-action from v5.5.2 to v5.5.3 in the CI workflow. The change updates the pinned commit SHA from 671740ac38dd9b0130fbe1cec585b89eea48d3de to 1af58845a975a7985b0beb0cbe6fbbb71a41dbad, maintaining the security best practice of referencing actions by full commit hash.

• The only change is the SHA + version comment on the uses: line for the "Upload coverage" step
• v5.5.3 includes a transitive bump of actions/github-script from 7.0.1 to 8.0.0 inside the action itself — no user-facing API changes expected
• No other workflow steps, inputs, or configuration are modified

Confidence Score: 5/5

• This PR is safe to merge — it is a minimal, well-scoped patch version bump with no logic changes.
• Single-line change updating a pinned SHA for a patch release of a trusted, widely-used GitHub Action. The action continues to be referenced by a full commit SHA (supply-chain security best practice is preserved). No CI logic, inputs, or other steps are affected.
• No files require special attention.

Important Files Changed

Filename	Overview
.github/workflows/ci.yml	Minor version bump of codecov/codecov-action from v5.5.2 to v5.5.3 with updated pinned commit SHA.

Sequence Diagram

sequenceDiagram
    participant CI as GitHub Actions CI
    participant Tests as Go Test Runner
    participant Codecov as codecov/codecov-action@v5.5.3

    CI->>Tests: Run tests with coverage
    Tests-->>CI: coverage.out
    CI->>CI: Check coverage threshold
    CI->>Codecov: Upload coverage report
    Codecov-->>CI: Upload confirmed

Loading

_{Reviews (1): Last reviewed commit: "ci: bump codecov/codecov-action from 5.5..." | Re-trigger Greptile}