Skip to content

update scrutinizer and readme badges #104

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
harikt wants to merge 4 commits into
base: 4.x
Choose a base branch
from
Open

update scrutinizer and readme badges #104

harikt wants to merge 4 commits into from

Conversation

@harikt
Copy link
Member

@harikt harikt commented Feb 8, 2022
edited by coderabbitai bot
Loading

Summary by CodeRabbit

  • Chores

    • Enabled and uploaded code coverage in CI and updated CI workflow for broader PHP versions and modern actions.
    • Added Codecov configuration to disable automated comments.
    • Updated analysis CI node configuration.

  • Documentation

    • Updated README badges for build status, quality score, and coverage to reflect the new CI and reporting setup.

✏️ Tip: You can customize this high-level summary in your review settings.

@harikt harikt requested a review from brandonsavage March 1, 2022 07:23
@coderabbitai
Copy link

coderabbitai bot commented Jan 16, 2026
edited
Loading

Walkthrough

CI configuration was migrated and modernized: GitHub Actions workflow expanded PHP versions (8.2–8.5), updated action versions and composer cache handling, enabled xdebug coverage and Codecov upload; Scrutinizer build node override added and analysis tools removed; README badges updated; added codecov.yml to disable PR comments.

Changes

Cohort / File(s) Summary
GitHub Actions workflow
.github/workflows/continuous-integration.yml		 Expanded PHP matrix to include 8.2–8.5; updated actions (checkout, cache) to newer versions; changed PHP setup step and enabled xdebug coverage; added composer cache retrieval step using composer config cache-files-dir; adjusted cache keys/outputs; unified install/test steps and added Codecov upload step (codecov-action@v5, fail_ci_if_error: false).
Psalm / Additional CI adjustments
.github/workflows/continuous-integration.yml (Psalm job)		 Updated checkout to actions/checkout@v4; retained PHP setup variant without coverage for Psalm; migrated composer cache usage to new output variable and updated cache keys for Psalm matrix.
Scrutinizer configuration
.scrutinizer.yml		 Added a build node override for php-scrutinizer-run; kept source path filter (src/*); removed the previous tools: block that enabled multiple analysis tools and coverage integrations.
Repository badges
README.md		 Replaced Scrutinizer quality/coverage and Travis CI badges with updated branch links and a Codecov badge; switched build status to GitHub Actions for branch 4.x.
Codecov configuration
codecov.yml		 Added codecov.yml with comment: false to disable Codecov PR comments.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

Poem

🐰 I hopped from Scrutinizer’s glen,
To Actions' fields and Codecov then,
Matrix grew, caches found their lair,
Coverage blooms with xdebug’s care,
A tiny hop—CI fares well!

🚥 Pre-merge checks | ✅ 2 | ❌ 1
❌ Failed checks (1 inconclusive)
Check name Status Explanation Resolution
Title check ❓ Inconclusive The pull request title mentions badge updates, but the changeset includes substantial CI/CD workflow improvements beyond just badge changes. Consider a more comprehensive title like 'Upgrade CI/CD workflows and update status badges' to better reflect all significant changes.
✅ Passed checks (2 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

coderabbitai[bot]
coderabbitai bot reviewed Jan 16, 2026
View reviewed changes
Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🤖 Fix all issues with AI agents 
In @.github/workflows/continuous-integration.yml:
- Around line 51-54: Update the GitHub Action step named "Upload coverage
report" to use the modern Codecov action by changing uses: from
codecov/codecov-action@v2 to the v5 release (e.g., codecov/codecov-action@v5)
and add the required token input (token: ${{ secrets.CODECOV_TOKEN }}) for
private repos (recommended for public repos as well); keep or translate the fail
behavior as appropriate for the v5 action and ensure the step still references
the same step name "Upload coverage report" and the action identifier
codecov/codecov-action so the workflow runs with the latest stable Codecov
action.
🧹 Nitpick comments (1)
.github/workflows/continuous-integration.yml (1)

30-30: Consider limiting coverage collection to a single PHP version.

Enabling xdebug coverage on all PHP version matrix entries (7.2, 7.3, 7.4, 8.0, 8.1) adds overhead to every build. You could optimize CI time by collecting coverage only on one version (e.g., the latest PHP 8.1) and keeping coverage: "none" for others.

♻️ Optional optimization using matrix include 
strategy:
  matrix:
    php-version:
      - "7.2"
      - "7.3"
      - "7.4"
      - "8.0"
      - "8.1"
    coverage: ["none"]
    include:
      - php-version: "8.1"
        coverage: "xdebug"

Then use coverage: "${{ matrix.coverage }}" in the setup-php step and conditionally run the upload step.

📜 Review details

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between c88b713 and 88f2690.

📒 Files selected for processing (4)
  • .github/workflows/continuous-integration.yml
  • .scrutinizer.yml
  • README.md
  • codecov.yml
🧰 Additional context used
🪛 actionlint (1.7.10)
.github/workflows/continuous-integration.yml

52-52: the runner of "codecov/codecov-action@v2" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)

🔇 Additional comments (4)
codecov.yml (1)

1-1: LGTM!

The Codecov configuration is minimal and valid. Disabling PR comments is a reasonable choice to reduce noise in pull requests while still collecting coverage data.

.scrutinizer.yml (1)

1-8: LGTM!

The Scrutinizer configuration has been simplified to focus on code analysis via php-scrutinizer-run, with coverage reporting now delegated to Codecov. This aligns with the PR's objective to consolidate coverage reporting through GitHub Actions.

.github/workflows/continuous-integration.yml (1)

48-49: LGTM!

The phpunit command correctly enables xdebug coverage mode and outputs a Clover XML report for Codecov consumption.

README.md (1)

25-27: LGTM!

The badges are correctly updated to reflect the new CI/CD configuration:

  • Scrutinizer badge now points to the 4.x branch
  • Coverage badge switched from Scrutinizer to Codecov
  • Build status badge switched from Travis CI to GitHub Actions

The token in the Codecov badge URL is a public graph token (safe to expose), not the upload token.

✏️ Tip: You can disable this entire section by setting review_details to false in your review settings.

.github/workflows/continuous-integration.yml
Comment on lines 51 to 54
- name: Upload coverage report
uses: codecov/codecov-action@v2
with:
fail_ci_if_error: false
Copy link

@coderabbitai coderabbitai bot Jan 16, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟡 Minor

🧩 Analysis chain

🌐 Web query:

codecov-action GitHub latest version 2025 2026

💡 Result:

As of Jan 16, 2026 the latest released tag for codecov/codecov-action is v5.5.2 (release published Dec 9, 2025). [1][2]

Sources:

  • codecov/codecov-action releases (v5.5.2). [1]
  • Codecov GitHub Marketplace (recommends @v5). [2]

🌐 Web query:

codecov-action v4 v5 token parameter required private repository

💡 Result:

Short answer: Yes — for private repositories you must provide a Codecov upload token when using either codecov-action v4 or v5. v5 adds tokenless upload options for public repos (global upload token opt-out and OIDC), but private repos still require a token. [1][2][3]

Sources:

  • codecov/codecov-action README (v4/v5 notes). [1]
  • Codecov Tokens docs — "For private repositories, all uploads require a token." [2]
  • Codecov Uploader docs — upload token notes and public-vs-private behavior. [3]

Update codecov-action to v5.

The codecov/codecov-action@v2 is outdated. The current stable version is v5 (latest v5.5.2 as of December 2025), which is the recommended version on GitHub Marketplace.

🔧 Suggested fix 
       - name: Upload coverage report
-        uses: codecov/codecov-action@v2
+        uses: codecov/codecov-action@v5
         with:
           fail_ci_if_error: false
+          token: ${{ secrets.CODECOV_TOKEN }}

Note: The token parameter is required for private repositories and recommended for public repositories to avoid rate limiting. Store your token in repository secrets.

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
- name: Upload coverage report
uses: codecov/codecov-action@v2
with:
fail_ci_if_error: false
- name: Upload coverage report
uses: codecov/codecov-action@v5
with:
fail_ci_if_error: false
token: ${{ secrets.CODECOV_TOKEN }}
🧰 Tools
🪛 actionlint (1.7.10)

52-52: the runner of "codecov/codecov-action@v2" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)

🤖 Prompt for AI Agents 
In @.github/workflows/continuous-integration.yml around lines 51 - 54, Update
the GitHub Action step named "Upload coverage report" to use the modern Codecov
action by changing uses: from codecov/codecov-action@v2 to the v5 release (e.g.,
codecov/codecov-action@v5) and add the required token input (token: ${{
secrets.CODECOV_TOKEN }}) for private repos (recommended for public repos as
well); keep or translate the fail behavior as appropriate for the v5 action and
ensure the step still references the same step name "Upload coverage report" and
the action identifier codecov/codecov-action so the workflow runs with the
latest stable Codecov action.

coderabbitai[bot]
coderabbitai bot reviewed Jan 16, 2026
View reviewed changes
Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 0

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (2)
.github/workflows/continuous-integration.yml (2)

81-83: Update deprecated set-output syntax.

Line 83 uses the deprecated ::set-output workflow command, while the unit-tests job (line 41) correctly uses GITHUB_OUTPUT. This syntax was deprecated in October 2022 and will eventually stop working.

🔧 Suggested fix 
       - name: "Determine composer cache directory"
         id: "determine-composer-cache-directory"
-        run: "echo \"::set-output name=directory::$(composer config cache-dir)\""
+        run: echo "directory=$(composer config cache-files-dir)" >> $GITHUB_OUTPUT

93-93: Remove deprecated --no-suggest flag.

The --no-suggest option was deprecated in Composer 2.2 and removed in later versions. It will cause warnings or errors with modern Composer versions.

🔧 Suggested fix 
       - name: "Install dependencies with composer"
-        run: "composer install --no-interaction --no-progress --no-suggest"
+        run: "composer install --no-interaction --no-progress"
🧹 Nitpick comments (1)
.github/workflows/continuous-integration.yml (1)

56-59: Consider adding the Codecov token.

While codecov-action@v5 supports tokenless uploads for public repositories via OIDC, adding the token is recommended to avoid rate limiting issues. For private repositories, the token is required.

🔧 Suggested fix 
       - name: Upload coverage report
         uses: codecov/codecov-action@v5
         with:
           fail_ci_if_error: false
+          token: ${{ secrets.CODECOV_TOKEN }}
📜 Review details

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 88f2690 and 5acdfdb.

📒 Files selected for processing (1)
  • .github/workflows/continuous-integration.yml
🔇 Additional comments (3)
.github/workflows/continuous-integration.yml (3)

28-37: LGTM!

The action version updates and PHP setup configuration are appropriate. Enabling xdebug coverage and assertions aligns with testing best practices.

39-48: LGTM!

The composer cache handling uses the modern GITHUB_OUTPUT syntax and actions/cache@v4. The cache key based on composer.lock is appropriate for dependency caching.

22-25: PHP 8.5 is a stable, officially released version (as of November 20, 2025) with active support through 2027 and security support through 2029. Including it in the CI matrix is appropriate.

✏️ Tip: You can disable this entire section by setting review_details to false in your review settings.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

@brandonsavage brandonsavage Awaiting requested review from brandonsavage

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@harikt