update

Author: brynary

Diff for: .github/workflows/main.yml

@@ -10,18 +10,16 @@ on:
 permissions:
   actions: write
   contents: read
+  id-token: write
 
 jobs:
   build:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        node: [ 18 ]
+        node: [ 18, 20 ]
     name: Node ${{ matrix.node }} sample
     steps:
-      - name: Cancel Previous Runs
-        uses: styfle/[email protected]
-
       - name: Checkout repo
         uses: actions/checkout@v4
 
@@ -38,5 +36,5 @@ jobs:
 
       - uses: qltysh/qlty-action/coverage@main
         with:
-          coverage-token: ${{ secrets.QLTY_COVERAGE_TOKEN }}
+          oidc: true
           files: coverage/lcov.info

Diff for: .qlty/.gitignore

@@ -1,4 +1,4 @@
-cache
-logs
-out
-plugins
+*
+!configs
+!hooks
+!qlty.toml

Diff for: README.md

@@ -12,8 +12,11 @@ This repository uses [Vitest](https://vitest.dev/) for testing and generating co
 - [Next.js](https://nextjs.org/)
 - [Vitest](https://vitest.dev/)
 - Run tests with `npm test`
-- An account on Qlty (free for open source)
-- `QLTY_COVERAGE_TOKEN` is set as a GitHub Actions [repository secret](https://docs.github.com/en/actions/security-guides/using-secrets-in-github-actions#creating-secrets-for-a-repository)
+- An account on [Qlty Cloud](https://qlty.sh) (free)
+
+> [!NOTE]
+>
+> This repository is using GitHub's OpenID Connect (OIDC) to authenticate the coverage upload with Qlty Cloud instead of storing a coverage token as a GitHub Actions secret.
 
 ## Set up