@codecov/rollup-plugin
Advanced tools
A Rollup plugin that provides bundle analysis support for Codecov.
[!NOTE] The plugin does not support code coverage, see our docs to set up coverage today!
Using npm:
npm install @codecov/rollup-plugin --save-dev
Using yarn:
yarn add @codecov/rollup-plugin --dev
Using pnpm:
pnpm add @codecov/rollup-plugin --save-dev
This configuration will automatically upload the bundle analysis to Codecov for public repositories. When an internal PR is created it will use the Codecov token set in your secrets, and if running from a forked PR, it will use the tokenless setting automatically. For setups not using GitHub Actions see the following example. For private repositories see the following example.
// rollup.config.js
import { defineConfig } from "rollup";
import { codecovRollupPlugin } from "@codecov/rollup-plugin";
export default defineConfig({
plugins: [
// Put the Codecov rollup plugin after all other plugins
codecovRollupPlugin({
enableBundleAnalysis: true,
bundleName: "example-rollup-bundle",
uploadToken: process.env.CODECOV_TOKEN,
gitService: "github",
}),
],
});
This setup is for public repositories that are not using GitHub Actions, this configuration will automatically upload the bundle analysis to Codecov. You will need to configure the it similar to the GitHub Actions example, however you will need to provide a branch override, and ensure that it will pass the correct branch name, and with forks including the fork-owner i.e. fork-owner:branch.
// rollup.config.js
import { defineConfig } from "rollup";
import { codecovRollupPlugin } from "@codecov/rollup-plugin";
export default defineConfig({
plugins: [
// Put the Codecov rollup plugin after all other plugins
codecovRollupPlugin({
enableBundleAnalysis: true,
bundleName: "example-rollup-bundle",
uploadToken: process.env.CODECOV_TOKEN,
gitService: "github",
uploadOverrides: {
branch: "<branch value>",
},
}),
],
});
This is the required way to use the plugin for private repositories. This configuration will automatically upload the bundle analysis to Codecov.
// rollup.config.js
import { defineConfig } from "rollup";
import { codecovRollupPlugin } from "@codecov/rollup-plugin";
export default defineConfig({
plugins: [
// Put the Codecov rollup plugin after all other plugins
codecovRollupPlugin({
enableBundleAnalysis: true,
bundleName: "example-rollup-bundle",
uploadToken: process.env.CODECOV_TOKEN,
}),
],
});
For users with OpenID Connect (OIDC) enabled, setting the uploadToken is not necessary. You can use OIDC with the oidc configuration as following.
// rollup.config.js
import { defineConfig } from "rollup";
import { codecovRollupPlugin } from "@codecov/rollup-plugin";
export default defineConfig({
plugins: [
// Put the Codecov rollup plugin after all other plugins
codecovRollupPlugin({
enableBundleAnalysis: true,
bundleName: "example-rollup-bundle",
oidc: {
useGitHubOIDC: true,
},
}),
],
});
FAQs
Official Codecov Rollup plugin
We found that @codecov/rollup-plugin demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 5 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Product
Socket’s new Tier 1 Reachability filters out up to 80% of irrelevant CVEs, so security teams can focus on the vulnerabilities that matter.
Research
/Security News
Ongoing npm supply chain attack spreads to DuckDB: multiple packages compromised with the same wallet-drainer malware.
Security News
The MCP Steering Committee has launched the official MCP Registry in preview, a central hub for discovering and publishing MCP servers.