From 9ee422639dd3418c8b6a8e4e24df6e02a7882e4d Mon Sep 17 00:00:00 2001
From: Lukas Saltenas <lukas.saltenas@gmail.com>
Date: Tue, 14 Oct 2025 14:18:50 +0300
Subject: [PATCH 1/2] fix(codecov-for-dependabot): use oidc when uploading test
 results to codecov

---
 .github/workflows/ci.yml | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index b10b5d5c38..7eaab8ce27 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -93,6 +93,9 @@ jobs:
     name: Build & Test
     runs-on: ubuntu-latest
     timeout-minutes: 15
+    permissions:
+      id-token: write
+      contents: read
     steps:
       - name: Checkout
         uses: actions/checkout@v5
@@ -129,7 +132,7 @@ jobs:
         if: '!cancelled()'
         uses: codecov/test-results-action@v1
         with:
-          token: ${{ secrets.CODECOV_TOKEN }}
+          use_oidc: true
           files: test-report.xml
           fail_ci_if_error: true
 

From b53d3d23302f98e97dbefdf0d32217ec93fc54fb Mon Sep 17 00:00:00 2001
From: Lukas Saltenas <lukas.saltenas@gmail.com>
Date: Tue, 14 Oct 2025 14:21:31 +0300
Subject: [PATCH 2/2] fix(codecov-for-dependabot): also fix upload coverage

---
 .github/workflows/ci.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 7eaab8ce27..81a49ae250 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -124,7 +124,7 @@ jobs:
       - name: Upload coverage to Codecov
         uses: codecov/codecov-action@v5
         with:
-          token: ${{ secrets.CODECOV_TOKEN }}
+          use_oidc: true
           files: coverage/lcov.info
           fail_ci_if_error: true
 
@@ -133,7 +133,7 @@ jobs:
         uses: codecov/test-results-action@v1
         with:
           use_oidc: true
-          files: test-report.xml
+          files: test-results.xml
           fail_ci_if_error: true
 
       - name: Check dependencies