Skip to content

fix: Codecov upload fails on Dependabot PRs (missing token) #999

Description

@moliholy

Summary

Codecov coverage upload fails on Dependabot PRs because the branch is treated as protected and no CODECOV_TOKEN is provided.

Example

Failed run on dependabot/cargo/keccak-0.1.6

error - Commit creating failed: {"message":"Token required because branch is protected"}
Codecov: Failed to properly create commit

Cause

codecov/codecov-action@v4 requires a CODECOV_TOKEN for protected/non-default branches. Dependabot PRs run with a read-only GITHUB_TOKEN and don't have access to it. Combined with fail_ci_if_error: true, this blocks the entire CI job.

Options

  1. Add CODECOV_TOKEN as a repository secret and pass it to the action
  2. Set fail_ci_if_error: false so coverage upload failures don't block CI
  3. Both

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions