We should introduce a mechanism which informs a PR reviewer when new code paths are introduced without tests, at least in critical packages like ingester, iter, distributor, etc.

We use to have codecov until a security incident forced us to remove it.

Additionally, we removed code coverage previously because it was largely noisy and didn't provide much value - at least when the team was smaller and the velocity was lower. Now that we have a much larger group of folks working on the product, re-introducing code coverage might help us catch defects before making it into production.

Whatever we end up using for code coverage, it should be:

• fast: don't make CI any slower than it already is
• accurate: don't produce incorrect or untrustworthy results
• non-blocking: the reviewer will use their discretion to merge the PR or not; the code coverage is just a nudge
• secure: the catalyst for our removing codecov was a security incident