[Deprecating] Bash uploader

Deprecation Notice and Schedule


Deprecation Notice

Support for the Bash Uploader will be deprecated on February 1st, 2022.

Please refer to the main Codecov Uploader page for implementation and upgrades.

With the Codecov Uploader released, the Bash Uploader will now undergo the following deprecation plan:

  • Sept 1, 2021, to Nov 1, 2021: Codecov will conduct scheduled brownouts of the Bash Uploader. At predetermined times throughout the week, the Bash Uploader will not function. These brownout periods will initially have at least a one-week notice, before occurring but advanced notice times will decrease throughout this three-month period. Each brownout period will be publicly broadcast to users, though.
  • Nov 1, 2021, to Feb 1, 2022: Codecov will conduct random unscheduled brownouts of the Bash Uploader. With no announcement or prior disclosure, the Bash Uploader will not function.
  • Feb 1, 2022, and onward: The Bash Uploader will be fully sunset and will no longer function.
  • Note that this deprecation plan may be subject to change, but those changes will be broadcast to our user base with at least two weeks’ notice. If at any time during the deprecation window use of the Bash Uploader comprises <10% of all uploads to Codecov, we may accelerate the deprecation plan and sunset the Bash Uploader faster than anticipated.

Additional context around this release and change can be found on our blog.


The Codecov Bash uploader provides a language-agnostic alternative for sending your coverage reports to Codecov. Its usage is both simple and convenient:

bash <(curl -s https://codecov.io/bash)

The main objectives of the uploader are to:

  • detect the environment
  • gather reports
  • upload them to Codecov

The above command silently requests the latest version of the uploader from Codecov and executes via Bash; all output is directed to stdout.

Upload token


Not Required for some CI Providers

If you have a public project on TravisCI, CircleCI, AppVeyor, Azure Pipelines, or GitHub Actions an upload token is not required.

A unique upload token is required to identify which project the coverage belongs to. This token is located in the repository settings (/<github>/<owner>/<repo>/settings).


A repository on codecov with no uploaded coverage reports. Note the upload token.

There are three ways to provide the upload token to the Bash uploader:


bash <(curl -s https://codecov.io/bash) -t token

Environment variable

export CODECOV_TOKEN="token"
bash <(curl -s https://codecov.io/bash)

Loading token from a file

echo "token" > .cc_token
bash <(curl -s https://codecov.io/bash) -t @.cc_token

CI detection

The bash uploader detects all CI providers through environment variables. This process helps to identify the source of the build and maintain a relationship back to the source of the coverage collection.

Finding reports and specifying file names

Codecov can automatically detect coverage files in your project. A thorough filename search will grab everything that is known to be a coverage report. You can also specify exactly which file(s) should be uploaded.

Here are some options for discovering report files:

# only upload this file
-f path/to/foo.bar

# also search this folder that is outside the project directory
-s /home/user/reports/foo/bar

# ignore all files at pattern *.bar
-f "!*.bar"

# include all files at pattern *.foo
-f "*.foo"

Validating the bash script

The Codecov bash uploader is open source, and it can be validated for correctness by calculating the
SHASUM on download and comparing to the result we store in the GitHub repository.

You can calculate the checksum on download by running

curl https://codecov.io/bash | shasum -a 512
# Codecov provides SHA1, SHA256, and SHA512 hashes

This will not check against the provided checksums provided by Codecov that are located in GitHub.

You can compare the result to the publicly posted values at https://github.com/codecov/codecov-bash/blob/{{ VERSION }}/SHA512SUM. We calculate and publish the SHA1, SHA256, and SHA512 checksums.

For builds with the versions of shasum that support the --ignore-missing flag, you can also verify the checksums by running

curl -fLso codecov https://codecov.io/bash;
VERSION=$(grep -o 'VERSION=\"[0-9\.]*\"' codecov | cut -d'"' -f2);
for i in 1 256 512
  shasum -a $i -c --ignore-missing <(curl -s "https://raw.githubusercontent.com/codecov/codecov-bash/${VERSION}/SHA${i}SUM")

For older shasum versions, you can run

curl -fLso codecov https://codecov.io/bash;
VERSION=$(grep -o 'VERSION=\"[0-9\.]*\"' codecov | cut -d'"' -f2);
for i in 1 256 512
  shasum -a $i -c <(curl -s "https://raw.githubusercontent.com/codecov/codecov-bash/${VERSION}/SHA${i}SUM" | grep -w "codecov")

Uploading process

When the upload script is called, the general flow is as follows:

  1. The CI is discovered through environment variables.
  2. Language specific processing and formatting (e.g. xcode, python).
  3. Reports are found in the filesystem.
  4. Reports are prepended with file paths and appended with file adjustments.
  5. Reports are uploaded to cloud storage for archiving (secret location).
  6. Codecov is informed of the upload, and will queue the report processing server side.
  7. Done (exit 0).


Exit 0

Codecov will exit 0 to prevent failing the build, if there are issues. If you would like Codecov to exit with 1, use bash <(curl -s https://codecov.io/bash) -Z.

exit 0 is not foolproof. Please use this command to always exit with 0: bash <(curl -s https://codecov.io/bash) || echo 'Codecov failed to upload'.


Verbose mode

If there is an issue with the upload process, it helps to run in verbose mode. Supply the -v flag for better debugging output:

bash <(curl -s https://codecov.io/bash) -v


The bash uploader provides various arguments to work with many complex environments. Listed below are the full list of possible arguments and their usage.




Extra curl arguments to communicate with AWS.


Move discovered coverage reports to the trash


Don't upload, but dump upload file to stdout

-e ENV

Specify environment variables to be included with this build
Also accepting environment variables: CODECOV_ENV=VAR,VAR2



Flag the upload to group coverage metrics
-F unittests This upload is only unittests
-F integration This upload is only integration tests
-F ui,chrome This upload is Chrome - UI tests


Target file(s) to upload
-f "path/to/file" only upload this file
skips searching unless provided patterns below
-f '!*.bar' ignore all files at pattern .bar
`-f '
.foo'` include all files at pattern *.foo

Must use single quotes.
This is non-exclusive, use -s "*.foo" to match specific paths.


Display this help and exit


Remove color from the output


The commit SHA of the parent for which you are uploading coverage. If not present, the parent will be determined using the API of your repository provider. When using the repository provider's API, the parent is determined via finding the closest ancestor to the commit.


Custom defined name of the upload. Visible in Codecov UI


Write upload file to path


Used when not in git/hg project to identify project root directory

-s DIR

Directory to search for coverage reports.
Already searches project root and artifact folders.


Set the private repository token
(option) set environment variable CODECOV_TOKEN=:uuid

-t @/path/to/token_file
-t uuid


Extra curl arguments to communicate with Codecov. e.g., -U "--proxy http://http-proxy"


Verbose mode


Toggle functionalities

-X gcov Disable gcov
-X coveragepy Disable python coverage
-X fix Disable report fixing
-X search Disable searching for reports
-X xcode Disable xcode processing
-X network Disable uploading the file network
-X gcovout Disable gcov output
-X html Enable coverage for HTML files


Exit with 1 if not successful. Default will Exit with 0



owner/repo slug used instead of the private repo token in Enterprise
(option) set environment variable CODECOV_SLUG=:owner/:repo
(option) set in your codecov.yml "codecov.slug"


File path to your cacert.pem file used to verify ssl with Codecov Enterprise (optional)
(option) Set environment variable: CODECOV_CA_BUNDLE="/path/to/ca.pem"

-u URL

Set the target url for Enterprise customers
Not required when retrieving the bash uploader from your CCE
(option) Set environment variable CODECOV_URL=https://my-hosted-codecov.com

env vars

Used to override pre-existing CI environment variables


Specify the branch name


Specify the build number


Specify the commit SHA. Please use the long version to ensure a match between the submitted SHA and the git provider's API response.


Specify the pull request number


Specify the git tag



Extra arguments to pass to gcov


Paths to include during gcov gathering


Paths to ignore during gcov gathering


Prefix filepaths to help resolve path fixing

-p DIR

Project root directory
Also used when preparing gcov


gcov executable to run. Defaults to 'gcov'



Custom Derived Data Path for Coverage.profdata and gcov processing
Default '~/Library/Developer/Xcode/DerivedData'


Specify packages to build coverage. Uploader will only build these packages.
This can significantly reduces time to build coverage reports.
-J 'MyAppName' Will match "MyAppName" and "MyAppNameTests"
-J '^ExampleApp$' Will match only "ExampleApp" not "ExampleAppTests"

Did this page help you?