diff --git a/.github/workflows/report-coverage.yml b/.github/workflows/report-coverage.yml index 587901df5..26ad59a01 100644 --- a/.github/workflows/report-coverage.yml +++ b/.github/workflows/report-coverage.yml @@ -1,6 +1,6 @@ name: Comment on the pull request -# see https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ +# see https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ # read-write repo token # access to secrets on: @@ -16,7 +16,7 @@ jobs: github.event.workflow_run.event == 'pull_request' && github.event.workflow_run.conclusion == 'success' steps: - - name: 'Download artifact' + - name: "Download artifact" uses: actions/github-script@v7.0.1 with: script: | @@ -28,7 +28,7 @@ jobs: var matchArtifact = artifacts.data.artifacts.filter((artifact) => { return artifact.name == "coverage" })[0]; - var download = await github.actions.downloadArtifact({ + var download = await github.rest.actions.downloadArtifact({ owner: context.repo.owner, repo: context.repo.repo, artifact_id: matchArtifact.id, @@ -37,18 +37,18 @@ jobs: var fs = require('fs'); fs.writeFileSync('${{github.workspace}}/coverage.zip', Buffer.from(download.data)); - run: unzip pr.zip - - name: 'get PR number' + - name: "get PR number" run: echo "pr_number=$(cat ./PR)">> $GITHUB_ENV - + - name: report coverage uses: Nef10/lcov-reporter-action@v0.4.0 with: lcov-file: lcov.info - pr-number: ${{ env.pr_number }} + pr-number: ${{ env.pr_number }} github-token: ${{ secrets.GITHUB_TOKEN }} output-file: comment.html - name: Post code coverage report uses: marocchino/sticky-pull-request-comment@v2.9.0 with: path: comment.html - number: ${{ env.pr_number }} + number: ${{ env.pr_number }}