fix: codecov.yml [skip-release]

[RambokDev]

Summary by CodeRabbit

• Chores
  • Improved CI by switching to the stable toolchain and normalizing trigger configuration.
  • Added dedicated coverage tooling and steps to generate and upload coverage reports.
  • Enabled test instrumentation to produce accurate coverage data.
  • Minor reordering and formatting improvements to the CI pipeline.

[coderabbitai]

📝 Walkthrough

Walkthrough

Updates the GitHub Actions coverage workflow to use the stable Rust toolchain, add llvm-tools-preview, install grcov, enable coverage instrumentation via environment flags, generate an lcov.info with grcov, and upload that report to Codecov; branch trigger formatting and step ordering were also adjusted.

Changes

Cohort / File(s)	Summary
GitHub Actions Workflow .github/workflows/codecov.yml	Replaced/updated CI workflow: switch to stable Rust + llvm-tools-preview, normalize branch specifiers, add grcov install step, run tests with coverage instrumentation (CARGO_INCREMENTAL=0, RUSTFLAGS, LLVM_PROFILE_FILE), generate lcov.info via grcov, and upload lcov.info to Codecov (uses CODECOV_TOKEN). Minor step reordering and formatting changes.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Poem

🐇 I hopped through CI with a patch so clever,
Stable Rust, grcov, and traces forever,
Lcov in paw, to Codecov I bound,
Metrics collected, each line now found. 🥕📈

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 inconclusive)

Check name	Status	Explanation	Resolution
Title check	❓ Inconclusive	The title 'fix: codecov.yml' is vague and generic, using only the filename without describing what was actually fixed in the workflow configuration.	Provide a more descriptive title that explains the specific improvement, such as 'fix: update codecov workflow to use stable Rust toolchain and enable coverage instrumentation' or similar.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch feat/add-codecov-to-pipeline

📝 Coding Plan

• Generate coding plan for human review comments

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 2

🧹 Nitpick comments (1)

.github/workflows/codecov.yml (1)

24-25: Use locked dependency resolution for grcov install to improve reproducibility.

Line [25] installs whatever is latest at runtime, which can make CI behavior drift.

Proposed fix

       - name: Install grcov
-        run: cargo install grcov
+        run: cargo install grcov --locked

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/workflows/codecov.yml around lines 24 - 25, The workflow installs
grcov without lockfile, causing non-reproducible CI; update the step that runs
the install command (the `cargo install grcov` invocation) to use locked
dependency resolution (for example add `--locked`, or better yet pin a specific
`--version` plus `--locked`) so Cargo uses the lockfile and the install is
reproducible.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.github/workflows/codecov.yml:
- Around line 17-23: Update deprecated workflow actions: replace
actions/checkout@v3 with actions/checkout@v4 to avoid Node16 dependency issues,
and replace the archived actions-rs/toolchain@v1 usage with a maintained Rust
setup action (e.g., actions/setup-rust@v1) or the project-preferred maintained
Rust toolchain action; update invocation parameters accordingly so toolchain
installation/override (the previous actions-rs/toolchain behavior) is preserved.
- Around line 47-54: The Codecov upload step ("Upload to Codecov") is unguarded
and will fail for forked PRs when CODECOV_TOKEN is missing due to
fail_ci_if_error: true; modify that step to run only for non-forked contexts by
adding an if condition that checks the event and fork status (e.g., if:
github.event_name != 'pull_request' || github.event.pull_request.head.repo.fork
== false) so the step (which uses codecov/codecov-action@v5 with files:
lcov.info, verbose: true, fail_ci_if_error: true and env CODECOV_TOKEN) is
skipped for forked PRs where the secret is unavailable.

---

Nitpick comments:
In @.github/workflows/codecov.yml:
- Around line 24-25: The workflow installs grcov without lockfile, causing
non-reproducible CI; update the step that runs the install command (the `cargo
install grcov` invocation) to use locked dependency resolution (for example add
`--locked`, or better yet pin a specific `--version` plus `--locked`) so Cargo
uses the lockfile and the install is reproducible.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 01f76eb8-ea8b-43d1-b579-3936221ffdd1

📥 Commits

Reviewing files that changed from the base of the PR and between 3abb955 and 7505108.

📒 Files selected for processing (1)

• .github/workflows/codecov.yml

[coderabbitai]

♻️ Duplicate comments (2)

.github/workflows/codecov.yml (2)

17-23: ⚠️ Potential issue | 🔴 Critical

Upgrade deprecated action runtimes to prevent CI breakage.

Line 17 (actions/checkout@v3) and Line 19 (actions-rs/toolchain@v1) are using outdated runtimes and are flagged by actionlint as incompatible with current GitHub-hosted runners.

Proposed fix

-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4

-      - uses: actions-rs/toolchain@v1
-        with:
-          toolchain: stable
-          override: true
-          components: llvm-tools-preview
+      - uses: dtolnay/rust-toolchain@stable
+        with:
+          components: llvm-tools-preview

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/workflows/codecov.yml around lines 17 - 23, The workflow uses
deprecated action versions; update the action references to supported releases
by replacing "actions/checkout@v3" and "actions-rs/toolchain@v1" with their
current recommended tags (e.g., the latest stable major versions) in the codecov
workflow; ensure the "uses" entries for actions/checkout and
actions-rs/toolchain are bumped and verify any changed input keys (like
"toolchain", "override", "components") remain valid against the new action docs
and adjust them if the action input names changed.

---

48-55: ⚠️ Potential issue | 🟠 Major

Guard Codecov upload for fork PRs to avoid false failures.

With Line 53 set to fail_ci_if_error: true, the upload step will fail on forked pull_request runs when Line 55 secret token is unavailable.

Proposed fix

       - name: Upload to Codecov
+        if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.fork == false
         uses: codecov/codecov-action@v5
         with:
           files: lcov.info
           verbose: true
           fail_ci_if_error: true
         env:
           CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/workflows/codecov.yml around lines 48 - 55, The Codecov upload step
("Upload to Codecov" using codecov/codecov-action@v5) can fail on forked
pull_request workflows because CODECOV_TOKEN is not available; update that step
to guard execution when the token is present (or when not a forked PR).
Concretely, add an if-condition to the "Upload to Codecov" step that checks for
the presence of the CODECOV_TOKEN secret (or that the event is not a
pull_request from a fork) before running, and keep fail_ci_if_error: true only
when the token is available so uploads from forks won't cause CI failures.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Duplicate comments:
In @.github/workflows/codecov.yml:
- Around line 17-23: The workflow uses deprecated action versions; update the
action references to supported releases by replacing "actions/checkout@v3" and
"actions-rs/toolchain@v1" with their current recommended tags (e.g., the latest
stable major versions) in the codecov workflow; ensure the "uses" entries for
actions/checkout and actions-rs/toolchain are bumped and verify any changed
input keys (like "toolchain", "override", "components") remain valid against the
new action docs and adjust them if the action input names changed.
- Around line 48-55: The Codecov upload step ("Upload to Codecov" using
codecov/codecov-action@v5) can fail on forked pull_request workflows because
CODECOV_TOKEN is not available; update that step to guard execution when the
token is present (or when not a forked PR). Concretely, add an if-condition to
the "Upload to Codecov" step that checks for the presence of the CODECOV_TOKEN
secret (or that the event is not a pull_request from a fork) before running, and
keep fail_ci_if_error: true only when the token is available so uploads from
forks won't cause CI failures.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 1d7725b1-6f7c-4b5c-9d07-b390f97a07d5

📥 Commits

Reviewing files that changed from the base of the PR and between 7505108 and ac94112.

📒 Files selected for processing (1)

• .github/workflows/codecov.yml

[codecov]

Welcome to Codecov 🎉

Once you merge this PR into your default branch, you're all set! Codecov will compare coverage reports and display results in all future pull requests.

ℹ️ You can also turn on project coverage checks and project coverage reporting on Pull Request comment

Thanks for integrating Codecov - We've got you covered ☂️