{"id":5801313,"name":"insightsengineering/coverage-action","ecosystem":"actions","description":"Action that converts a Cobertura XML report into a markdown report.","homepage":"https://github.com/marketplace/actions/code-coverage-report-action","licenses":"mit","normalized_licenses":["MIT"],"repository_url":"https://github.com/insightsengineering/coverage-action","keywords_array":["coverage","github-actions"],"namespace":"insightsengineering","versions_count":31,"first_release_published_at":"2021-12-18T16:06:30.000Z","latest_release_published_at":"2025-07-03T20:07:44.000Z","latest_release_number":"v3.0.1","last_synced_at":"2026-03-15T07:42:03.337Z","created_at":"2023-01-04T13:00:49.635Z","updated_at":"2026-03-16T04:04:09.312Z","registry_url":"https://github.com/insightsengineering/coverage-action","install_command":null,"documentation_url":null,"metadata":{"name":"Code Coverage Report Action","author":"Inisghts Engineering","description":"Action that converts a Cobertura XML report into a markdown report.","inputs":{"token":{"description":"Github token to use to publish the check.","required":false,"default":"${{ github.token }}"},"path":{"description":"Path to the Cobertura coverage XML report.","required":false,"default":"coverage.xml"},"threshold":{"description":"The minimum allowed coverage percentage, as a real number.","required":false,"default":0},"fail":{"description":"Fail the action when the minimum coverage was not met.","required":false,"default":true},"publish":{"description":"Publish the coverage report as an issue comment.","required":false,"default":false},"diff":{"description":"Create a diff of the coverage report.","required":false,"default":false},"diff-branch":{"description":"Branch to diff against.","required":false,"default":"main"},"storage-subdirectory":{"description":"Subdirectory in the diff-storage branch where the XML reports will be stored.","required":false,"default":"."},"diff-storage":{"description":"Branch where coverage reports are stored for diff purposes.","required":false,"default":"_xml_coverage_reports"},"coverage-summary-title":{"description":"Title for the code coverage summary in the Pull Request comment.","required":false,"default":"Code Coverage Summary"},"uncovered-statements-increase-failure":{"description":"Fail the action if any changed file has an increase in uncovered lines compared to the `diff-branch`.\nThis corresponds to pycobertura exit code 2, which indicates that at least one changed file has\nmore uncovered lines than before (Miss \u003e 0). Note that this is different from coverage rate\nreduction - it specifically checks for increases in the absolute number of uncovered lines.\n","required":false,"default":false},"new-uncovered-statements-failure":{"description":"Fail the action if new uncovered statements are introduced AND overall coverage improved\n(total uncovered lines decreased) compared to the `diff-branch`.\nThis corresponds to pycobertura exit code 3, which only occurs when total uncovered lines\ndecreased (Miss \u003c= 0) but there are still new uncovered statements (Missing != []).\nTo fail on ALL new uncovered statements regardless of overall coverage improvement,\nuse this flag together with `coverage-reduction-failure: true`.\n","required":false,"default":false},"coverage-rate-reduction-failure":{"description":"Fail the action if the overall coverage percentage (rate) decreases compared to the `diff-branch`.\nThis is different from `uncovered-statements-increase-failure` which checks for absolute\nincreases in uncovered lines. This flag specifically looks at the coverage percentage\nand fails if it goes down, regardless of whether uncovered lines increased or decreased.\nThis is a more forgiving approach that focuses on the relative coverage rate rather than\nabsolute uncovered line counts.\n","required":false,"default":false},"pycobertura-exception-failure":{"description":"Fail the action in case of a `Pycobertura` exception.","required":false,"default":true},"togglable-report":{"description":"Make the code coverage report togglable.","required":false,"default":false},"exclude-detailed-coverage":{"description":"Whether a detailed coverage report should be excluded from the PR comment.\nThe detailed coverage report contains the following information per file:\nnumber of code statements, number of statements not covered by any test,\ncoverage percentage, and line numbers not covered by any test.\n","required":false,"default":false}},"outputs":{"summary":{"description":"Summary of coverage report","value":"${{ steps.create-output.outputs.summary }}"}},"branding":{"icon":"umbrella","color":"red"},"runs":{"using":"composite","steps":[{"name":"Setup Python","uses":"actions/setup-python@v5","with":{"python-version":"3.11"}},{"name":"Install pycobertura","uses":"insightsengineering/pip-action@v2","with":{"packages":"pycobertura==3.0.0"}},{"name":"Get branch names","id":"branch-names","uses":"tj-actions/branch-names@v7"},{"name":"Generate text report","run":"mkdir -p coverage-action\ncp ${{ inputs.path }} coverage-action/\npycobertura show ${{ inputs.path }} --output .coverage-output\ncat .coverage-output\n","shell":"bash"},{"name":"Fetch report from ${{ inputs.diff-storage }}","uses":"actions/checkout@v4","with":{"path":"${{ inputs.diff-storage }}","fetch-depth":0,"token":"${{ inputs.token }}"}},{"name":"Get token identity","id":"identity","uses":"octokit/graphql-action@v2.x","with":{"query":"query {\n  viewer {\n    databaseId\n    login\n  }\n}\n"},"env":{"GITHUB_TOKEN":"${{ inputs.token }}"}},{"name":"Configure git","run":"name=\"${{ fromJSON(steps.identity.outputs.data).viewer.login }}\"\nemail=\"${{ format('{0}+{1}@users.noreply.github.com', fromJSON(steps.identity.outputs.data).viewer.databaseId, fromJSON(steps.identity.outputs.data).viewer.login) }}\"\n\ncat \u003e\u003e \"$GITHUB_ENV\" \u003c\u003c EOF\nGIT_AUTHOR_NAME=$name\nGIT_AUTHOR_EMAIL=$email\nGIT_COMMITTER_NAME=$name\nGIT_COMMITTER_EMAIL=$email\nEOF\n","shell":"bash"},{"name":"Initialize storage branch","working-directory":"${{ inputs.diff-storage }}","run":"# Switch to the branch if it already exists\ngit switch ${{ inputs.diff-storage }} || true\ngit pull origin ${{ inputs.diff-storage }} || true\n# Create the branch if it doesn't exist yet\ngit checkout --orphan ${{ inputs.diff-storage }} || true\n# Ensure that the bare minimum components exist in the branch\nmkdir -p data\ntouch README.md data/.gitkeep\n# Copy necessary files and folders to a temporary location\nmkdir -p /tmp/${{ github.sha }}\necho \"Copying data to /tmp/${{ github.sha }}\"\ncp -r .git README.md data /tmp/${{ github.sha }}\n# Remove everything else\n# Attribution: https://unix.stackexchange.com/a/77313\nrm -rf ..?* .[!.]* *\n# Restore files from the temporary location\necho \"Copying data from /tmp/${{ github.sha }}\"\ncp -r /tmp/${{ github.sha }}/.git /tmp/${{ github.sha }}/README.md /tmp/${{ github.sha }}/data .\nrm -rf /tmp/${{ github.sha }}\ngit add --all -f\ngit commit -m \"Update storage branch: $(date)\" || true\n","shell":"bash"},{"name":"Push storage branch","uses":"ad-m/github-push-action@master","with":{"github_token":"${{ inputs.token }}","branch":"${{ inputs.diff-storage }}","directory":"${{ inputs.diff-storage }}","force":true}},{"name":"Generate diff against ${{ inputs.diff-branch }}","if":"contains(inputs.diff, 'true')","run":"echo \"storage_subdirectory = '${{ inputs.storage-subdirectory }}'\"\npushd ${{ inputs.diff-storage }}\ngit checkout ${{ inputs.diff-storage }} || touch ${{ inputs.diff-storage }}-not-found\npopd\nif [[ -f \"${{ inputs.diff-storage }}/data/${{ inputs.diff-branch }}/${{ inputs.storage-subdirectory }}/coverage.xml\" \u0026\u0026 (! -f ${{ inputs.diff-storage }}-not-found) ]]\nthen {\n  pycobertura diff --no-color --no-source ${{ inputs.diff-storage }}/data/${{ inputs.diff-branch }}/${{ inputs.storage-subdirectory }}/coverage.xml \\\n    ${{ inputs.path }} \\\n    --output .coverage-output.diff \u0026\u0026 pycobertura_status=$? || pycobertura_status=$?\n    # Save status both in case of success and failure.\n    echo \"pycobertura_status=$pycobertura_status\" \u003e\u003e $GITHUB_ENV\n  cat .coverage-output.diff\n} else {\n  echo \"${{ inputs.diff-storage }}/data/${{ inputs.diff-branch }}/${{ inputs.storage-subdirectory }}/coverage.xml not found! Not diffing.\"\n}\nfi\n","shell":"bash"},{"name":"Extract diff-branch coverage percentage","if":"contains(inputs.diff, 'true') \u0026\u0026 contains(inputs.coverage-rate-reduction-failure, 'true')","run":"if [[ -f \"${{ inputs.diff-storage }}/data/${{ inputs.diff-branch }}/${{ inputs.storage-subdirectory }}/coverage.xml\" ]]\nthen {\n  # Generate a text report for the diff-branch coverage\n  pycobertura show ${{ inputs.diff-storage }}/data/${{ inputs.diff-branch }}/${{ inputs.storage-subdirectory }}/coverage.xml --output .coverage-output.diff-branch\n  # Extract the total coverage percentage\n  grep -E \"^TOTAL \" .coverage-output.diff-branch | \\\n    awk '{printf \"%.8f\", (1 - $3/$2) * 100}' \u003e .coverage-total.diff-branch\n  echo \"Diff-branch coverage: $(cat .coverage-total.diff-branch)%\"\n} else {\n  echo \"Diff-branch coverage file not found, cannot compare coverage rates.\"\n  echo \"0\" \u003e .coverage-total.diff-branch\n}\nfi\n","shell":"bash"},{"name":"Get total","run":"grep -E \"^TOTAL \" .coverage-output | \\\n  awk '{printf \"%.8f\", (1 - $3/$2) * 100}' \u003e .coverage-total\n","shell":"bash"},{"name":"Store coverage percent","id":"coverage_percent","run":"echo \"coverage_total=$(cat .coverage-total)\" \u003e\u003e $GITHUB_OUTPUT\nBRANCH=${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}}\necho \"diff_storage_branch=$BRANCH\" \u003e\u003e $GITHUB_ENV\nmkdir -p ${{ inputs.diff-storage }}/data/${BRANCH}/${{ inputs.storage-subdirectory }}\n","shell":"bash"},{"name":"Generate the badge SVG image","uses":"emibcn/badge-action@v2.0.3","id":"badge","with":{"label":"Test Coverage","status":"${{ steps.coverage_percent.outputs.coverage_total }}%","color":"${{ steps.coverage_percent.outputs.coverage_total \u003e 90 \u0026\u0026 'green'              || steps.coverage_percent.outputs.coverage_total \u003e 80 \u0026\u0026 'yellow,green'       || steps.coverage_percent.outputs.coverage_total \u003e 70 \u0026\u0026 'yellow'             || steps.coverage_percent.outputs.coverage_total \u003e 60 \u0026\u0026 'orange,yellow'      || steps.coverage_percent.outputs.coverage_total \u003e 50 \u0026\u0026 'orange'             || steps.coverage_percent.outputs.coverage_total \u003e 40 \u0026\u0026 'red,orange'         || steps.coverage_percent.outputs.coverage_total \u003e 30 \u0026\u0026 'red,red,orange'     || steps.coverage_percent.outputs.coverage_total \u003e 20 \u0026\u0026 'red,red,red,orange' || 'red' }}","path":"${{ inputs.diff-storage }}/data/${{ env.diff_storage_branch }}/${{ inputs.storage-subdirectory }}/badge.svg"}},{"name":"Commit badge","working-directory":"${{ inputs.diff-storage }}/data","run":"git switch ${{ inputs.diff-storage }} || true\ngit pull origin ${{ inputs.diff-storage }}\ngit add \"${{ env.diff_storage_branch }}/${{ inputs.storage-subdirectory }}/badge.svg\"\ngit commit -m \"Add/Update badge: ${{ github.sha }}\" || true\n","shell":"bash"},{"name":"Push badges","uses":"ad-m/github-push-action@master","with":{"github_token":"${{ inputs.token }}","branch":"${{ inputs.diff-storage }}","directory":"${{ inputs.diff-storage }}/data"}},{"name":"Determine repository visibility","if":"contains(inputs.publish, 'true')","id":"repository-visibility","uses":"actions/github-script@v7","with":{"script":"const result = await github.rest.repos.get({\n  owner: \"${{ github.repository_owner }}\",\n  repo: \"${{ github.repository }}\".split(\"/\")[1]\n});\nreturn result.data.visibility;\n","result-encoding":"string"}},{"name":"Generate issue comment body","if":"contains(inputs.publish, 'true')","run":"BRANCH=${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}}\nif [[ \"${{ steps.repository-visibility.outputs.result }}\" == \"public\" ]]\nthen {\n  # URL encoding for branch name\n  URL_ENCODED_BRANCH=$(python3 -c 'import urllib.parse; print(urllib.parse.quote_plus(\"${{ env.diff_storage_branch }}\"))')\n  echo -e \"![badge](https://raw.githubusercontent.com/${{ github.repository_owner }}/${{ github.event.repository.name }}/${{ inputs.diff-storage }}/data/${URL_ENCODED_BRANCH}/${{ inputs.storage-subdirectory }}/badge.svg)\\n\\n\" \u003e .coverage-output.final\n}\nelse {\n  echo -e \"🧪 Test coverage: ${{ steps.coverage_percent.outputs.coverage_total }}%\\n\\n\" \u003e .coverage-output.final\n}\nfi\necho -e \"## ${{ inputs.coverage-summary-title }}\\n\" \u003e\u003e .coverage-output.final\nif [[ \"${{ inputs.exclude-detailed-coverage }}\" == \"false\" ]]\nthen {\n  if [[ \"${{ inputs.togglable-report }}\" == \"true\" ]]\n  then {\n    echo -e \"\u003cdetails\u003e\\n\\n\" \u003e\u003e .coverage-output.final\n  }\n  fi\n  echo -e \"\\`\\`\\`\" \u003e\u003e .coverage-output.final\n  cat .coverage-output \u003e\u003e .coverage-output.final\n  echo -e \"\\n\\`\\`\\`\\n\" \u003e\u003e .coverage-output.final\n  if [[ \"${{ inputs.togglable-report }}\" == \"true\" ]]\n  then {\n    echo -e \"\u003c/details\u003e\\n\\n\" \u003e\u003e .coverage-output.final\n  }\n  fi\n}\nelse {\n  echo -e \"\\n\" \u003e\u003e .coverage-output.final\n}\nfi\nif [[ \"${{ inputs.diff }}\" == \"true\" \u0026\u0026 -f .coverage-output.diff ]]\nthen {\n  echo -e \"### Diff against ${{ inputs.diff-branch }}\\n\" \u003e\u003e .coverage-output.final\n  echo -e \"\\`\\`\\`\" \u003e\u003e .coverage-output.final\n  cat .coverage-output.diff \u003e\u003e .coverage-output.final\n  echo -e \"\\n\\`\\`\\`\\n\" \u003e\u003e .coverage-output.final\n}\nfi\nCOMMIT_SHA=\"${{ github.sha }}\"\nif [ \"${{ github.event_name }}\" == \"pull_request\" ]\nthen {\n  COMMIT_SHA=\"${{ github.event.pull_request.head.sha }}\"\n}\nfi\necho -e \"\\nResults for commit: $COMMIT_SHA\\n\" \u003e\u003e .coverage-output.final\necho -e \"\\n_Minimum allowed coverage is \\`${{ inputs.threshold }}%\\`_\\n\" \u003e\u003e .coverage-output.final\nif [[ \"${{ inputs.publish }}\" == \"true\" ]]\nthen {\n  echo -e \"\\n:recycle: This comment has been updated with latest results\\n\" \u003e\u003e .coverage-output.final\n}\nfi\n","shell":"bash"},{"name":"Post as comment","if":"contains(inputs.publish, 'true')","uses":"marocchino/sticky-pull-request-comment@v2","with":{"GITHUB_TOKEN":"${{ inputs.token }}","header":"${{ inputs.path }}","path":".coverage-output.final"}},{"name":"Set as output","id":"create-output","run":"EOF=$(dd if=/dev/urandom bs=15 count=1 status=none | base64)\necho \"summary\u003c\u003c$EOF\" \u003e\u003e $GITHUB_OUTPUT\necho \"$(cat .coverage-output.final)\" \u003e\u003e $GITHUB_OUTPUT\necho \"$EOF\" \u003e\u003e $GITHUB_OUTPUT\n","shell":"bash"},{"name":"Commit XML report to ${{ inputs.diff-storage }}","if":"contains(inputs.diff, 'true')\n","working-directory":"${{ inputs.diff-storage }}","run":"git switch ${{ inputs.diff-storage }}\ngit pull origin ${{ inputs.diff-storage }}\nfilename=$(basename ${{ inputs.path }})\nmv ../coverage-action/${filename} ./data/${{ env.diff_storage_branch }}/${{ inputs.storage-subdirectory }}/coverage.xml\ngit add -f \"./data/${{ env.diff_storage_branch }}/${{ inputs.storage-subdirectory }}/coverage.xml\"\ngit commit -m \"Coverage report for ${{ github.sha }}\" || true\n","shell":"bash"},{"name":"Push XML report to ${{ inputs.diff-storage }}","if":"contains(inputs.diff, 'true')\n","uses":"ad-m/github-push-action@master","with":{"github_token":"${{ inputs.token }}","branch":"${{ inputs.diff-storage }}","directory":"${{ inputs.diff-storage }}/data"}},{"name":"Check threshold","if":"contains(inputs.fail, 'true')","run":"with open('.coverage-total', 'r') as t:\n  total = float(t.read().rstrip())\nmin = float('${{ inputs.threshold }}')\nif total \u003c min:\n  raise SystemExit(\n    f\"Total Coverage of {total}% falls below minimum threshold of {min}%.\"\n  )\n","shell":"python"},{"name":"Fail if coverage worsened","if":"contains(inputs.diff, 'true')","run":"if [[ \"${{ env.pycobertura_status }}\" == \"2\" \u0026\u0026 \"${{ inputs.uncovered-statements-increase-failure }}\" == \"true\" ]]\nthen {\n  echo \"Code changes increased the number of uncovered lines in at least one file.\"\n  exit 1\n}\nfi\nif [[ \"${{ env.pycobertura_status }}\" == \"3\" \u0026\u0026 \"${{ inputs.new-uncovered-statements-failure }}\" == \"true\" ]]\nthen {\n  echo \"Code changes introduced new uncovered statements despite overall coverage improvement.\"\n  exit 1\n}\nfi\nif [[ \"${{ env.pycobertura_status }}\" == \"1\" \u0026\u0026 \"${{ inputs.pycobertura-exception-failure }}\" == \"true\" ]]\nthen {\n  echo \"Pycobertura exception occurred.\"\n  exit 1\n}\nfi\nif [[ \"${{ inputs.coverage-rate-reduction-failure }}\" == \"true\" \u0026\u0026 -f .coverage-total.diff-branch ]]\nthen {\n  current_coverage=$(cat .coverage-total)\n  diff_branch_coverage=$(cat .coverage-total.diff-branch)\n  if (( $(echo \"$current_coverage \u003c $diff_branch_coverage\" | bc -l) ))\n  then {\n    echo \"Coverage rate decreased from ${diff_branch_coverage}% to ${current_coverage}%.\"\n    exit 1\n  }\n  fi\n}\nfi\n","shell":"bash"},{"name":"Clean up intermediate files","if":"always()","run":"rm -rf coverage-action .coverage-output.final .coverage-output \\\n  .coverage-total .coverage-output.diff \\\n  .coverage-output.diff-branch .coverage-total.diff-branch \\\n  ${{ inputs.diff-storage }}-not-found\n","shell":"bash"}]},"default_branch":"main","path":null},"repo_metadata":{"id":45070671,"uuid":"439490077","full_name":"insightsengineering/coverage-action","owner":"insightsengineering","description":"Github Action that generates a coverage summary using a Cobertura XML report","archived":false,"fork":false,"pushed_at":"2025-07-03T20:08:39.000Z","size":250,"stargazers_count":20,"open_issues_count":5,"forks_count":10,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-10-08T01:35:40.626Z","etag":null,"topics":["coverage","github-actions"],"latest_commit_sha":null,"homepage":"https://github.com/marketplace/actions/code-coverage-report-action","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/insightsengineering.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null},"funding":{"custom":["https://pharmaverse.org"]}},"created_at":"2021-12-18T00:05:27.000Z","updated_at":"2025-08-04T09:24:39.000Z","dependencies_parsed_at":"2023-11-07T13:37:27.163Z","dependency_job_id":"57ea3efb-081f-44ff-a0f2-f8335315d29a","html_url":"https://github.com/insightsengineering/coverage-action","commit_stats":{"total_commits":25,"total_committers":4,"mean_commits":6.25,"dds":0.56,"last_synced_commit":"c824e09077870548f99c15ecade2b5502344106d"},"previous_names":[],"tags_count":31,"template":false,"template_full_name":null,"purl":"pkg:github/insightsengineering/coverage-action","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/insightsengineering%2Fcoverage-action","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/insightsengineering%2Fcoverage-action/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/insightsengineering%2Fcoverage-action/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/insightsengineering%2Fcoverage-action/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/insightsengineering","download_url":"https://codeload.github.com/insightsengineering/coverage-action/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/insightsengineering%2Fcoverage-action/sbom","scorecard":{"id":489673,"data":{"date":"2025-08-11","repo":{"name":"github.com/insightsengineering/coverage-action","commit":"50449af77a423ca017bf5496a6711db404d31811"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":5.4,"checks":[{"name":"Code-Review","score":7,"reason":"Found 19/25 approved changesets -- score normalized to 7","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Maintained","score":2,"reason":"3 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 2","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/cla.yaml:1","Warn: no topLevel permission defined: .github/workflows/lint.yaml:1","Warn: no topLevel permission defined: .github/workflows/tag.yaml:1","Warn: no topLevel permission defined: .github/workflows/test.yaml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: third-party GitHubAction not pinned by hash: .github/workflows/cla.yaml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/insightsengineering/coverage-action/cla.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint.yaml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/insightsengineering/coverage-action/lint.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint.yaml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/insightsengineering/coverage-action/lint.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tag.yaml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/insightsengineering/coverage-action/tag.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yaml:286: update your workflow using https://app.stepsecurity.io/secureworkflow/insightsengineering/coverage-action/test.yaml/main?enable=pin","Info:   0 out of   3 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   2 third-party GitHubAction dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Security-Policy","score":10,"reason":"security policy file detected","details":["Info: security policy file detected: github.com/insightsengineering/.github/SECURITY.md:1","Info: Found linked content: github.com/insightsengineering/.github/SECURITY.md:1","Info: Found disclosure, vulnerability, and/or timelines in security policy: github.com/insightsengineering/.github/SECURITY.md:1","Info: Found text in security policy: github.com/insightsengineering/.github/SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 26 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-19T18:44:40.504Z","repository_id":45070671,"created_at":"2025-08-19T18:44:40.504Z","updated_at":"2025-08-19T18:44:40.504Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":30537819,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-15T07:17:37.589Z","status":"ssl_error","status_checked_at":"2026-03-15T07:17:31.738Z","response_time":61,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"},"owner_record":{"login":"insightsengineering","name":"Roche/Genentech - Insights Engineering","uuid":"80070020","kind":"organization","description":"Roche/Genentech - Insights Engineering","email":null,"website":"https://code4life.roche.com/","location":"Switzerland","twitter":null,"company":null,"icon_url":"https://avatars.githubusercontent.com/u/80070020?v=4","repositories_count":53,"last_synced_at":"2023-03-03T20:40:49.129Z","metadata":{"has_sponsors_listing":false,"funding":{"custom":["https://pharmaverse.org"]}},"html_url":"https://github.com/insightsengineering","funding_links":["https://pharmaverse.org"],"total_stars":null,"followers":null,"following":null,"created_at":"2022-11-14T05:24:25.614Z","updated_at":"2023-03-03T20:40:49.285Z","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/insightsengineering","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/insightsengineering/repositories"},"tags":[]},"repo_metadata_updated_at":"2026-03-16T04:04:09.311Z","dependent_packages_count":0,"downloads":null,"downloads_period":null,"dependent_repos_count":1,"rankings":{"downloads":null,"dependent_repos_count":24.756773886864206,"dependent_packages_count":0.0,"stargazers_count":12.147044842338774,"forks_count":11.022025035652035,"docker_downloads_count":null,"average":11.981460941213754},"purl":"pkg:githubactions/insightsengineering/coverage-action","advisories":[],"docker_usage_url":"https://docker.ecosyste.ms/usage/actions/insightsengineering/coverage-action","docker_dependents_count":null,"docker_downloads_count":null,"usage_url":"https://repos.ecosyste.ms/usage/actions/insightsengineering/coverage-action","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/actions/insightsengineering/coverage-action/dependencies","status":null,"funding_links":["https://pharmaverse.org"],"critical":null,"issue_metadata":{"last_synced_at":"2025-11-03T06:01:56.027Z","issues_count":17,"pull_requests_count":38,"avg_time_to_close_issue":1876864.3636363635,"avg_time_to_close_pull_request":658975.59375,"issues_closed_count":11,"pull_requests_closed_count":32,"pull_request_authors_count":8,"issue_authors_count":15,"avg_comments_per_issue":1.1176470588235294,"avg_comments_per_pull_request":2.5526315789473686,"merged_pull_requests_count":30,"bot_issues_count":0,"bot_pull_requests_count":0,"past_year_issues_count":3,"past_year_pull_requests_count":4,"past_year_avg_time_to_close_issue":null,"past_year_avg_time_to_close_pull_request":239825.0,"past_year_issues_closed_count":0,"past_year_pull_requests_closed_count":2,"past_year_pull_request_authors_count":2,"past_year_issue_authors_count":2,"past_year_avg_comments_per_issue":0.6666666666666666,"past_year_avg_comments_per_pull_request":4.5,"past_year_bot_issues_count":0,"past_year_bot_pull_requests_count":0,"past_year_merged_pull_requests_count":2,"issues_url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/repositories/insightsengineering%2Fcoverage-action/issues","maintainers":[],"active_maintainers":[]},"versions_url":"https://packages.ecosyste.ms/api/v1/registries/github%20actions/packages/insightsengineering%2Fcoverage-action/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/github%20actions/packages/insightsengineering%2Fcoverage-action/version_numbers","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/github%20actions/packages/insightsengineering%2Fcoverage-action/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/github%20actions/packages/insightsengineering%2Fcoverage-action/related_packages","codemeta_url":"https://packages.ecosyste.ms/api/v1/registries/github%20actions/packages/insightsengineering%2Fcoverage-action/codemeta","maintainers":[]}