Release Notes for Codecov v4.5.9


Important Changes in v4.5.9

v4.5.9 contains a few database migrations to improve performance and lay the groundwork for future Codecov features. While we expect these migrations to pose no significant issue during upgrade, we recommend ensuring you have a recent database backup before upgrading to v4.5.9.

(Note: we've unified the name of our on-premises offering as Codecov Self-hosted)



  • (Self-hosted only) Added the ability for Codecov self-hosted installs to leverage a globally defined bot in the codecov.yml as the default bot for public repos (see Global Public Bots in self-hosted below).
  • Codecov will now skip deleted commits when searching for a commit's parent. Depending on several factors, parent deletion may occur when rebasing, squash merging, or -- in some cases -- when merging master.
  • Updated the bash uploader to include .vala files in its automatic detection routines for path fixing.


  • Addressed an issue where the GitHub API will occasionally deliver a mis-classified encoding in an API response, resulting in runtime errors for Codecov.
  • Upgraded Codecov's internal http library, such that external api calls complete more efficiently with fewer instances of failure.
  • (Self-hosted only) Fixed an issue where Codecov would, in extremely rare circumstances and for specific configurations, sync a repository to the incorrect service (e.g., GitHub instead of GitHub Enterprise)
  • Fixed an issue where + signs were not removed from commit SHAs sent from Azure Pipelines.
  • Fixed an issue in the bash uploader that prevented variables from being initialized properly.
  • Fixed an Azure Pipelines Issue that would sometimes result in the wrong branch name being detected by the uploader.
  • Fixed an issue where the bash uploader would detect the wrong commit SHA for Azure Pipelines due to Azure Pipelines running CI in a detached HEAD state.
  • Fixed an uploader issue where the commit SHA would sometimes not be detected properly when using GitHub Actions


  • (Cloud only) Updated the billing slider to start at 6 users instead of 5.
  • Added bash test coverage tracking to the uploader. The uploader now uses the uploader to upload coverage reports from the uploader to Codecov :).

Global Public Bots in Self-Hosted

Before v4.5.9, Codecov Enterprise would not properly fall back to a globally defined bot when commenting on the PRs of public repos. This could lead to issues where an unexpected account was used to comment on a PR, or PRs of public repos would not be commented on by Codecov altogether.

This fix allows Codecov Enterprise maintainers to provide a public but to use for commenting on public repos. This bot can be specified in the install yaml file as follows:

         key: <personal access token>
         username: <username of the account in github>

This configuration can also be provided as environment variables in the event that a more secure approach is desired. As follows:

SETUP__GITHUB__BOT__KEY=<personal access token>

Also note that any repo provider can be used, not just github. For example:

         key: <personal access token>
         username: <username of the account in github>


SETUP__GITLAB_ENTERPRISE__BOT__KEY=<personal access token>