DiscoverAndChange · adunsulag · Sep 9, 2025 · Sep 5, 2025 · Sep 9, 2025 · Sep 9, 2025
diff --git a/.github/workflows/isolated-tests.yml b/.github/workflows/isolated-tests.yml
@@ -77,10 +77,23 @@ jobs:
                            --coverage-html=htmlcov \
                            --testdox
 
+    - name: Check if coverage files exist
+      if: ${{ (success() || failure()) }}
+      id: check-files
+      run: |
+        echo "clover_exists=$(test -f clover.xml && echo true || echo false)" >> $GITHUB_OUTPUT
+        echo "htmlcov_exists=$(test -d ./htmlcov && echo true || echo false)" >> $GITHUB_OUTPUT
     - name: Upload coverage reports
+      if: ${{ steps.check-files.outputs.clover_exists == 'true' && steps.check-files.outputs.html_exists == 'true' && (success() || failure()) }}
       uses: actions/upload-artifact@v4
       with:
         name: coverage-isolated-tests-php-${{ matrix.php-version }}
         path: |
           clover.xml
           htmlcov/
+    - name: Upload coverage reports to Codecov
+      if: ${{ steps.check-files.outputs.clover_exists == 'true' && (success() || failure()) }}
+      uses: codecov/codecov-action@v5
+      with:
+        token: ${{ secrets.CODECOV_TOKEN }}
+        files: clover.xml
diff --git a/.github/workflows/shellcheck.yml b/.github/workflows/shellcheck.yml
@@ -61,7 +61,7 @@ jobs:
       # if only the workflow file itself is changed in a PR.
       # Thus we validate changes to the workflow file.
       continue-on-error: true
-      uses: tj-actions/changed-files@v46
+      uses: tj-actions/changed-files@v47
       with:
         # Keep the paths in sync with the paths in the on.push and on.pull_request sections
         # See https://github.com/tj-actions/changed-files/blob/v46/README.md#inputs-%EF%B8%8F

diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -305,9 +305,9 @@ jobs:
       with:
         name: htmlcov
         path: ./htmlcov/
-    # - name: Upload coverage reports to Codecov
-    #   if: ${{ env.ENABLE_COVERAGE == 'true' && steps.check-files.outputs.clover_exists == 'true' && (success() || failure()) }}
-    #   uses: codecov/codecov-action@v5
-    #   with:
-    #     token: ${{ secrets.CODECOV_TOKEN }}
-    #     files: coverage.clover.xml
+    - name: Upload coverage reports to Codecov
+      if: ${{ env.ENABLE_COVERAGE == 'true' && steps.check-files.outputs.clover_exists == 'true' && (success() || failure()) }}
+      uses: codecov/codecov-action@v5
+      with:
+        token: ${{ secrets.CODECOV_TOKEN }}
+        files: coverage.clover.xml
diff --git a/API_README.md b/API_README.md
@@ -448,11 +448,10 @@ REST API endpoints are defined in the [primary routes file](_rest_routes.inc.php
 endpoint to the OpenEMR controller which handles the request, and also handles the JSON data conversions.
 
 ```php
-"POST /api/patient" => function () {
-    RestConfig::authorization_check("patients", "demo");
+"POST /api/patient" => function (HttpRestRequest $request) {
+    RestConfig::request_authorization_check($request, "patients", "demo");
     $data = (array) (json_decode(file_get_contents("php://input")));
     $return = (new PatientRestController())->post($data);
-    RestConfig::apiLog($return, $data);
     return $return;
 }
 ```

diff --git a/FHIR_README.md b/FHIR_README.md
@@ -73,7 +73,7 @@ When registering an API client to use with Swagger the following for the redirec
 Request:
 
 ```sh
-curl -X GET 'https://localhost:9300/apis/fhir/Patient' \
+curl -X GET 'https://localhost:9300/apis/default/fhir/Patient' \
   -H 'Authorization: Bearer eyJ0b2tlbiI6IjAwNnZ3eGJZYmFrOXlxUjF4U290Y1g4QVVDd3JOcG5yYXZEaFlqaHFjWXJXRGNDQUtFZmJONkh2cElTVkJiaWFobHBqOTBYZmlNRXpiY2FtU01pSHk1UzFlMmgxNmVqZEhcL1ZENlNtaVpTRFRLMmtsWDIyOFRKZzNhQmxMdUloZmNJM3FpMGFKZ003OXdtOGhYT3dpVkx5b3BFRXQ1TlNYNTE3UW5TZ0dsUVdQbG56WjVxOVYwc21tdDlSQ3RvcDV3TEkiLCJzaXRlX2lkIjoiZGVmYXVsdCIsImFwaSI6ImZoaXIifQ=='
 ```
 
@@ -246,9 +246,8 @@ endpoint to the OpenEMR FHIR controller which handles the request, and also hand
 
 ```php
 "GET /fhir/Patient" => function () {
-    RestConfig::authorization_check("patients", "demo");
+    RestConfig::request_authorization_check($request, "patients", "demo");
     $return = (new FhirPatientRestController())->getAll($_GET);
-    RestConfig::apiLog($return);
     return $return;
 }
 ```

diff --git a/README-Isolated-Testing.md b/README-Isolated-Testing.md
@@ -108,4 +108,4 @@ The isolated bootstrap only loads:
 - **Fast**: No database connection overhead
 - **Reliable**: No external service dependencies
 - **Portable**: Runs in any environment with PHP and Composer
-- **Isolated**: Tests don't affect each other through shared database state
+- **Isolated**: Tests don't affect each other through shared database state
diff --git a/README.md b/README.md
@@ -5,6 +5,7 @@
 [![PHPStan](https://github.com/openemr/openemr/actions/workflows/phpstan.yml/badge.svg)](https://github.com/openemr/openemr/actions/workflows/phpstan.yml)
 [![Rector](https://github.com/openemr/openemr/actions/workflows/rector.yml/badge.svg)](https://github.com/openemr/openemr/actions/workflows/rector.yml)
 [![ShellCheck](https://github.com/openemr/openemr/actions/workflows/shellcheck.yml/badge.svg)](https://github.com/openemr/openemr/actions/workflows/shellcheck.yml)
+[![codecov](https://codecov.io/gh/openemr/openemr/graph/badge.svg?token=7Eu3U1Ozdq)](https://codecov.io/gh/openemr/openemr)
 
 [![Backers on Open Collective](https://opencollective.com/openemr/backers/badge.svg)](#backers) [![Sponsors on Open Collective](https://opencollective.com/openemr/sponsors/badge.svg)](#sponsors)