added an example of pure bash coverage

[ostvld]

added an example of pure bash coverage

Summary by CodeRabbit

• New Features

  • Added a built-in coverage report runner and a wrapper to invoke the bundled coverage generator.
  • Introduced a verbose/debug mode that prints annotated debug traces (file:line) when enabled.

• Chores

  • Added and updated an external coverage tool as a Git submodule; initialize/update submodules after checkout to fetch it.

• Notes

  • No behavioral changes unless verbose mode is enabled.

[coderabbitai]

Walkthrough

Adds a Git submodule at calc_coverage/pure_bash_coverage (recording its new commit), adds calc_coverage/run_cov.sh to invoke the submodule’s coverage generator against ../entry.sh, and updates entry.sh to export PS4, print INPUT_VERBOSE, and conditionally enable xtrace when INPUT_VERBOSE is true.

Changes

Cohort / File(s)	Summary of Changes
Submodule setup .gitmodules, calc_coverage/pure_bash_coverage	Added .gitmodules entry for calc_coverage/pure_bash_coverage with URL https://github.com/ostvld/pure_bash_coverage.git and top-of-file SPDX header comments; updated recorded submodule commit pointer to d381d83d89f66bd20ea0c3b771b97fca5f7b983e.
Coverage run script calc_coverage/run_cov.sh	New Bash wrapper: strict mode (set -euo pipefail), exports INPUT_VERBOSE="true" and echoes it, resolves its directory, and invokes pure_bash_coverage/generate_coverage_report.sh targeting ../entry.sh.
Entry script tracing entry.sh	Exports PS4='+${BASH_SOURCE}:${LINENO}:', prints INPUT_VERBOSE at startup, and enables set -x when INPUT_VERBOSE == 'true' (applied early; later re-enable removed).

Sequence Diagram(s)

sequenceDiagram
    autonumber
    actor Dev as Developer
    participant Run as run_cov.sh
    participant Cov as pure_bash_coverage/generate_coverage_report.sh
    participant Ent as entry.sh

    Dev->>Run: Execute run_cov.sh
    note right of Run #f0f4c3: set -euo pipefail\nexport INPUT_VERBOSE=true\necho $INPUT_VERBOSE
    Run->>Cov: invoke generator with path to ../entry.sh
    Cov->>Ent: execute entry.sh under coverage
    note right of Ent #e1f5fe: export PS4='+${BASH_SOURCE}:${LINENO}:'\necho $INPUT_VERBOSE\nif INPUT_VERBOSE=='true' then set -x
    Ent-->>Cov: completes execution
    Cov-->>Run: generates coverage report
    Run-->>Dev: exit status returned

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Poem

I’m a rabbit in the tree of code,
I linked a branch and traced the road.
A tiny wrapper sings verbose and bright,
Debug hops softly through the night.
Coverage carrots — what a sight! 🥕🐇

✨ Finishing Touches

• 📝 Generate Docstrings

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 4

🧹 Nitpick comments (8)

.gitmodules (3)

3-3: Trim trailing whitespace in URL line.

There’s a trailing space after “.git”. Harmless but noisy in diffs.

Apply:

-	url = https://github.com/ostvld/pure_bash_coverage.git 
+	url = https://github.com/ostvld/pure_bash_coverage.git

---

1-3: Consider shallow submodule to speed CI clones.

Adds depth=1 by default; safe for read-only usage.

Apply:

 [submodule "calc_coverage/pure_bash_coverage"]
 	path = calc_coverage/pure_bash_coverage
 	url = https://github.com/ostvld/pure_bash_coverage.git
+	shallow = true

---

1-3: Confirm repository source/ownership.

URL points to a personal fork (ostvld). If this is intended—fine. If not, prefer an org-owned upstream to reduce supply-chain risk.

calc_coverage/pure_bash_coverage (1)

1-1: Guard against missing submodule at runtime.

Add a quick existence check in calc_coverage/run_cov.sh to fail fast with guidance if the submodule isn’t initialized.

Example snippet to prepend in run_cov.sh:

SUBMOD="${DIR}/pure_bash_coverage/generate_coverage_report.sh"
if [[ ! -x "$SUBMOD" ]]; then
  echo "pure_bash_coverage submodule not found. Run: git submodule update --init --recursive" >&2
  exit 1
fi

entry.sh (3)

5-6: PS4 is fine; consider richer trace prefix (optional).

Current PS4 works. If helpful, include function for easier triage.

-export PS4='+${BASH_SOURCE}:${LINENO}:'
+export PS4='+${BASH_SOURCE}:${LINENO}:${FUNCNAME[0]}:'

---

9-11: Make verbose check case-insensitive and use [[ ... ]].

More robust to inputs like "True"/"TRUE".

-if [ "${INPUT_VERBOSE}" == 'true' ]; then
-    set -x
-fi
+if [[ "${INPUT_VERBOSE,,}" == 'true' ]]; then
+    set -x
+fi

---

29-31: Duplicate set -x block; remove or guard.

You already enable tracing above; this second block is redundant.

-if [ "${INPUT_VERBOSE}" == 'true' ]; then
-    set -x
-fi
+# Tracing already enabled earlier when INPUT_VERBOSE=true

calc_coverage/run_cov.sh (1)

3-4: Don’t overwrite pre-set INPUT_VERBOSE; label the echo.

Allow callers to override and keep logs consistent with entry.sh.

-export INPUT_VERBOSE="true"
-echo "${INPUT_VERBOSE}"
+export INPUT_VERBOSE="${INPUT_VERBOSE:-true}"
+echo "INPUT_VERBOSE: ${INPUT_VERBOSE}"

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

💡 Knowledge Base configuration:

• MCP integration is disabled by default for public repositories
• Jira integration is disabled by default for public repositories
• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between ecf5804 and f936060.

📒 Files selected for processing (4)

• .gitmodules (1 hunks)
• calc_coverage/pure_bash_coverage (1 hunks)
• calc_coverage/run_cov.sh (1 hunks)
• entry.sh (1 hunks)

🧰 Additional context used

🧬 Code graph analysis (1)

entry.sh (1)

makes/entries.sh (1)

• run_test (11-27)

🪛 GitHub Actions: copyrights

calc_coverage/run_cov.sh

[warning] 1-1: Missed: calc_coverage/run_cov.sh.

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: make

🔇 Additional comments (1)

calc_coverage/pure_bash_coverage (1)

1-1: Submodule pinned; license and supply-chain review required
The submodule calc_coverage/pure_bash_coverage is at https://github.com/ostvld/pure_bash_coverage.git pinned to commit 60ef6a7795eb67c1dc2d3c82cc486fd589c93eb5. Verify its license compatibility and, if this dependency is critical long-term, consider forking under our org or vendoring it and managing updates via PRs.

[coderabbitai]

💡 Verification agent

🧩 Analysis chain

Ensure CI fetches submodules (actions/checkout).

If your workflows don’t set submodules: true/recursive, builds will miss this content.

Run this to verify and show offending jobs:

If missing, add:

- uses: actions/checkout@v4
  with:
    submodules: recursive
    fetch-depth: 0

---

🏁 Script executed:

#!/bin/bash
set -euo pipefail
# List workflow steps using actions/checkout and whether they enable submodules
rg -nC3 --glob '.github/workflows/**/*.{yml,yaml}' '\buses:\s*actions/checkout@' 
rg -nC2 --glob '.github/workflows/**/*.{yml,yaml}' '\bsubmodules:\s*(true|recursive)'

Length of output: 251

---

🏁 Script executed:

#!/bin/bash
set -euo pipefail
# List all files under .github directory to locate workflows
find .github -type f

Length of output: 569

---

🏁 Script executed:

#!/bin/bash
set -euo pipefail
# Search for actions/checkout usage in workflow files
rg -nC3 'uses:\s*actions/checkout@' .github/workflows/*.yml
# Search for submodules:true or recursive in those files
rg -nC2 'submodules:\s*(true|recursive)' .github/workflows/*.yml

Length of output: 7003

---

Enable submodule fetching in CI workflows

All workflows under .github/workflows use actions/checkout@v5 but omit submodule settings, so the calc_coverage/pure_bash_coverage submodule isn’t cloned. In each workflow’s checkout step, add:

- uses: actions/checkout@v5
  with:
    submodules: recursive
    fetch-depth: 0

🤖 Prompt for AI Agents

In .gitmodules around lines 1 to 3, CI workflows currently do not fetch the
calc_coverage/pure_bash_coverage submodule because actions/checkout@v5 steps
lack submodule settings; update every GitHub Actions workflow file under
.github/workflows to modify the checkout step to include submodules: recursive
and fetch-depth: 0 so the submodule is cloned and full history is available for
coverage tasks.

[coderabbitai]

💡 Verification agent

🧩 Analysis chain

Submodule added and pinned — ensure CI initializes it.

Pinning to a commit is good for reproducibility. Make sure your workflows/checkouts fetch submodules; otherwise run_cov.sh will fail when calling ${DIR}/pure_bash_coverage/generate_coverage_report.sh.

• In GitHub Actions, configure checkout:
  • uses: actions/checkout@v4
    with:
    submodules: recursive
    fetch-depth: 0

Run to confirm CI is set up or to audit locally:

---

🏁 Script executed:

#!/bin/bash
# Check .gitmodules and submodule status
test -f .gitmodules && cat .gitmodules
git submodule status || true

Length of output: 282

---

🏁 Script executed:

#!/bin/bash
# Check GitHub Actions workflows for submodule checkout configuration
if [ -d .github/workflows ]; then
  grep -R "uses:.*actions/checkout" -n .github/workflows
  grep -R "submodules:" -n .github/workflows
else
  echo "No .github/workflows directory found"
fi

Length of output: 1201

---

Configure CI to fetch submodules
Your GitHub Actions workflows use actions/checkout@v5 but lack the with: submodules: recursive and fetch-depth: 0 settings. Add these to every checkout step in .github/workflows/*.yml that runs run_cov.sh, for example:

- uses: actions/checkout@v5
  with:
    submodules: recursive
    fetch-depth: 0

Without this, calc_coverage/pure_bash_coverage/generate_coverage_report.sh will fail.

🤖 Prompt for AI Agents

In calc_coverage/pure_bash_coverage at lines 1-1: CI workflows that invoke
run_cov.sh may fail because actions/checkout@v5 is used without submodule and
full history settings; update every .github/workflows/*.yml workflow that runs
run_cov.sh to set the checkout step with with: submodules: recursive and
fetch-depth: 0 so submodules are fetched and full git history is available for
the pure_bash_coverage/generate_coverage_report.sh script to run correctly.

[yegor256]

@ostvld this doesn't look nice, maybe you left it here by mistake?

[yegor256]

@ostvld we have similar lines just 10 lines below, why repeating?

[yegor256]

@ostvld looks very interesting! Please, address a few concerns above.

[yegor256]

@ostvld what will it generate? Will the file be suitable for codecov.io?

[vbvictor]

@ostvld, The script interface is generally in Russian. I believe this could a problem for international developers to read logs and coverage statistics.
The script should be full in English.

[ostvld]

ok

[0crat]

@ostvld Hey there! 👋 Heads up about your branch name "master" - it's not really the best practice. Our policy states we should use ticket numbers for branch names, so "988" would've been spot-on here. This slip-up means a 12-point deduction, bringing your balance to -24. Don't forget to check your Zerocracy balance too! Let's nail those branch names next time and keep those points intact. 💪

[coderabbitai]

Actionable comments posted: 1

♻️ Duplicate comments (1)

entry.sh (1)

6-6: Gate the noisy “INPUT_VERBOSE” banner behind verbose mode.

Avoids extra log chatter when not debugging.

-echo "INPUT_VERBOSE: ${INPUT_VERBOSE}"
+if [ "${INPUT_VERBOSE}" = 'true' ]; then
+  echo "INPUT_VERBOSE: ${INPUT_VERBOSE}"
+fi

🧹 Nitpick comments (1)

entry.sh (1)

5-5: Make xtrace prefix shorter and easier to scan.

Using only the basename reduces noise; adding a trailing space improves readability of traces.

-export PS4='+${BASH_SOURCE}:${LINENO}:'
+export PS4='+${BASH_SOURCE##*/}:${LINENO}: '

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 233ee26 and 9562c76.

📒 Files selected for processing (3)

• .gitmodules (1 hunks)
• calc_coverage/pure_bash_coverage (1 hunks)
• entry.sh (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (2)

• .gitmodules
• calc_coverage/pure_bash_coverage

🧰 Additional context used

🧬 Code graph analysis (1)

entry.sh (1)

makes/entries.sh (1)

• run_test (11-27)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: make

[coderabbitai]

💡 Verification agent

🧩 Analysis chain

set -x can leak tokens/PII into logs — localize tracing.

Even with GitHub’s masking, echoed CLI args like --token=… may slip into traces. Keep tracing opt-in but disable it around sensitive commands.

Minimal change here to track trace state:

-if [ "${INPUT_VERBOSE}" == 'true' ]; then
-    set -x
-fi
+TRACE_ON=false
+if [ "${INPUT_VERBOSE}" = 'true' ]; then
+  set -x
+  TRACE_ON=true
+fi

Then, around sensitive calls elsewhere (pull/download/push), bracket with:

# before a command that prints tokens/credentials:
if [ "${TRACE_ON}" = 'true' ]; then set +x; fi
${JUDGES} "${gopts[@]}" pull --timeout=0 "--token=${INPUT_TOKEN}" "--owner=${owner}" "${name}" "${fb}"
if [ "${TRACE_ON}" = 'true' ]; then set -x; fi

Optionally route xtrace to a dedicated FD for cleaner logs:

# near the trace enablement
exec 3>&2
export BASH_XTRACEFD=3

Run to locate sensitive lines to bracket:

---

🏁 Script executed:

#!/bin/bash
# Find likely sensitive usages to guard when tracing is on
rg -nP --type=sh -C1 '(--token=|INPUT_GITHUB-TOKEN|INPUT_TOKEN|github_token)' entry.sh

Length of output: 1525

---

Localize tracing around sensitive token usage
Wrap any ${JUDGES} invocation that passes --token=${INPUT_TOKEN} (and similar --option=github_token…) with tracing off/on using a TRACE_ON flag:

• Top of entry.sh (replace lines 9–12):

- if [ "${INPUT_VERBOSE}" == 'true' ]; then
-     set -x
- fi
+ TRACE_ON=false
+ if [ "${INPUT_VERBOSE}" = 'true' ]; then
+   set -x
+   TRACE_ON=true
+ fi

• For each sensitive call at lines 154–156, 165–167, 208–210, 233–235, wrap as:

if [ "$TRACE_ON" = 'true' ]; then set +x; fi
${JUDGES} "${gopts[@]}" … "--token=${INPUT_TOKEN}" …
if [ "$TRACE_ON" = 'true' ]; then set -x; fi

(Optional) route xtrace to a dedicated FD for cleaner logs:

exec 3>&2
export BASH_XTRACEFD=3

🤖 Prompt for AI Agents

In entry.sh around lines 9–12, and for the sensitive invocations at lines
154–156, 165–167, 208–210, 233–235: introduce a TRACE_ON flag and localize
xtrace around any command that passes secrets (e.g. --token=${INPUT_TOKEN}) by
turning tracing off before the call (set +x) and restoring it after (set -x)
only if TRACE_ON is true; replace the current global set -x handling at lines
9–12 with initialization of TRACE_ON based on INPUT_VERBOSE and (optionally) set
up a dedicated xtrace FD (exec 3>&2 and export BASH_XTRACEFD=3) if you want
cleaner logs, then wrap each sensitive ${JUDGES} invocation with the conditional
set +x / set -x guards so tokens never appear in traces.

[vbvictor]

I think this file should be added to Reuse.toml instead. It's odd to see copyright notice in configs