Skip to content

Merge branch 'master' into dependabot/github_actions/getsentry/codeco…

1346a0b
Select commit
Loading
Failed to load commit list.
Open

build(deps): bump getsentry/codecov-action from fda17cfc37e16a0cc23f61685813390bfee7daf3 to afa60378e8e4939ddb77575a51da92885c61ca86 #5978

Merge branch 'master' into dependabot/github_actions/getsentry/codeco…
1346a0b
Select commit
Loading
Failed to load commit list.
@sentry/warden / warden completed Apr 14, 2026 in 3m 8s

1 issue

Low

Template file not updated - future regeneration will revert dependency bump - `.github/workflows/test-integrations-web-2.yml:109`

The Jinja template at scripts/split_tox_gh_actions/templates/test_group.jinja (line 99) still references the old codecov-action commit hash fda17cfc37e16a0cc23f61685813390bfee7daf3, while the generated workflow files are being updated to the new hash afa60378e8e4939ddb77575a51da92885c61ca86. When workflows are regenerated via python scripts/split_tox_gh_actions/split_tox_gh_actions.py, this dependency bump will be silently reverted, potentially missing security patches in the newer version.

4 skills analyzed
Skill Findings Duration Cost
code-review 0 27.0s $0.34
find-bugs 1 3m 6s $1.07
skill-scanner 0 1m 7s $0.81
security-review 0 1m 58s $1.16

Duration: 6m 39s · Tokens: 1.6M in / 28.6k out · Cost: $3.38 (+extraction: $0.01)