{{ message }}
Tags: PSModule/Invoke-ScriptAnalyzer
Tags
Bump PSModule/Invoke-Pester from 4.2.3 to 4.2.4 (#30) Bumps [PSModule/Invoke-Pester](https://github.com/psmodule/invoke-pester) from 4.2.3 to 4.2.4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/psmodule/invoke-pester/releases">PSModule/Invoke-Pester's releases</a>.</em></p> <blockquote> <h2>v4.2.4</h2> <h1>Bump actions/upload-artifact from 6.0.0 to 7.0.0 (<a href="https://redirect.github.com/psmodule/invoke-pester/issues/61">#61</a>)</h1> <p>Bumps <a href="https://github.com/actions/upload-artifact">actions/upload-artifact</a> from 6.0.0 to 7.0.0.</p> <!-- raw HTML omitted --> <p><a href="https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores"><img src="https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/upload-artifact&package-manager=github_actions&previous-version=6.0.0&new-version=7.0.0" alt="Dependabot compatibility score" /></a></p> <p>Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting <code>@dependabot rebase</code>.</p> <hr /> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/PSModule/Invoke-Pester/commit/abddf7bef0d0614d7ca322036af6a06ee0fb4d44"><code>abddf7b</code></a> Bump actions/upload-artifact from 6.0.0 to 7.0.0 (<a href="https://redirect.github.com/psmodule/invoke-pester/issues/61">#61</a>)</li> <li><a href="https://github.com/PSModule/Invoke-Pester/commit/3cdb795322f1ed0594921f909a993b35ea288f46"><code>3cdb795</code></a> ⚙️ [Maintenance]: Add afterall to codespell ignore words list (<a href="https://redirect.github.com/psmodule/invoke-pester/issues/60">#60</a>)</li> <li><a href="https://github.com/PSModule/Invoke-Pester/commit/ba25d5abf2625cae637b7dfe2e34976b3465f662"><code>ba25d5a</code></a> Bump super-linter/super-linter from 8.4.0 to 8.5.0 (<a href="https://redirect.github.com/psmodule/invoke-pester/issues/59">#59</a>)</li> <li><a href="https://github.com/PSModule/Invoke-Pester/commit/d1e3cbf98778a1a0d7523bd92f150abe8c9c4839"><code>d1e3cbf</code></a> ⚙️ [Maintenance]: Update super-linter to v8.4.0 (<a href="https://redirect.github.com/psmodule/invoke-pester/issues/58">#58</a>)</li> <li><a href="https://github.com/PSModule/Invoke-Pester/commit/e4cb409df8a3eaf6bf12a016202f752210291233"><code>e4cb409</code></a> ⚙️ [Maintenance]: Align workflows across action repositories (<a href="https://redirect.github.com/psmodule/invoke-pester/issues/57">#57</a>)</li> <li>See full diff in <a href="https://github.com/psmodule/invoke-pester/compare/1fcb663c0efe914e8374d78e16aa7bb907ea2434...abddf7bef0d0614d7ca322036af6a06ee0fb4d44">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bump PSModule/Invoke-Pester from 4.2.3 to 4.2.4 (#30) Bumps [PSModule/Invoke-Pester](https://github.com/psmodule/invoke-pester) from 4.2.3 to 4.2.4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/psmodule/invoke-pester/releases">PSModule/Invoke-Pester's releases</a>.</em></p> <blockquote> <h2>v4.2.4</h2> <h1>Bump actions/upload-artifact from 6.0.0 to 7.0.0 (<a href="https://redirect.github.com/psmodule/invoke-pester/issues/61">#61</a>)</h1> <p>Bumps <a href="https://github.com/actions/upload-artifact">actions/upload-artifact</a> from 6.0.0 to 7.0.0.</p> <!-- raw HTML omitted --> <p><a href="https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores"><img src="https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/upload-artifact&package-manager=github_actions&previous-version=6.0.0&new-version=7.0.0" alt="Dependabot compatibility score" /></a></p> <p>Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting <code>@dependabot rebase</code>.</p> <hr /> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/PSModule/Invoke-Pester/commit/abddf7bef0d0614d7ca322036af6a06ee0fb4d44"><code>abddf7b</code></a> Bump actions/upload-artifact from 6.0.0 to 7.0.0 (<a href="https://redirect.github.com/psmodule/invoke-pester/issues/61">#61</a>)</li> <li><a href="https://github.com/PSModule/Invoke-Pester/commit/3cdb795322f1ed0594921f909a993b35ea288f46"><code>3cdb795</code></a> ⚙️ [Maintenance]: Add afterall to codespell ignore words list (<a href="https://redirect.github.com/psmodule/invoke-pester/issues/60">#60</a>)</li> <li><a href="https://github.com/PSModule/Invoke-Pester/commit/ba25d5abf2625cae637b7dfe2e34976b3465f662"><code>ba25d5a</code></a> Bump super-linter/super-linter from 8.4.0 to 8.5.0 (<a href="https://redirect.github.com/psmodule/invoke-pester/issues/59">#59</a>)</li> <li><a href="https://github.com/PSModule/Invoke-Pester/commit/d1e3cbf98778a1a0d7523bd92f150abe8c9c4839"><code>d1e3cbf</code></a> ⚙️ [Maintenance]: Update super-linter to v8.4.0 (<a href="https://redirect.github.com/psmodule/invoke-pester/issues/58">#58</a>)</li> <li><a href="https://github.com/PSModule/Invoke-Pester/commit/e4cb409df8a3eaf6bf12a016202f752210291233"><code>e4cb409</code></a> ⚙️ [Maintenance]: Align workflows across action repositories (<a href="https://redirect.github.com/psmodule/invoke-pester/issues/57">#57</a>)</li> <li>See full diff in <a href="https://github.com/psmodule/invoke-pester/compare/1fcb663c0efe914e8374d78e16aa7bb907ea2434...abddf7bef0d0614d7ca322036af6a06ee0fb4d44">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bump PSModule/Invoke-Pester from 4.2.3 to 4.2.4 (#30) Bumps [PSModule/Invoke-Pester](https://github.com/psmodule/invoke-pester) from 4.2.3 to 4.2.4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/psmodule/invoke-pester/releases">PSModule/Invoke-Pester's releases</a>.</em></p> <blockquote> <h2>v4.2.4</h2> <h1>Bump actions/upload-artifact from 6.0.0 to 7.0.0 (<a href="https://redirect.github.com/psmodule/invoke-pester/issues/61">#61</a>)</h1> <p>Bumps <a href="https://github.com/actions/upload-artifact">actions/upload-artifact</a> from 6.0.0 to 7.0.0.</p> <!-- raw HTML omitted --> <p><a href="https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores"><img src="https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/upload-artifact&package-manager=github_actions&previous-version=6.0.0&new-version=7.0.0" alt="Dependabot compatibility score" /></a></p> <p>Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting <code>@dependabot rebase</code>.</p> <hr /> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/PSModule/Invoke-Pester/commit/abddf7bef0d0614d7ca322036af6a06ee0fb4d44"><code>abddf7b</code></a> Bump actions/upload-artifact from 6.0.0 to 7.0.0 (<a href="https://redirect.github.com/psmodule/invoke-pester/issues/61">#61</a>)</li> <li><a href="https://github.com/PSModule/Invoke-Pester/commit/3cdb795322f1ed0594921f909a993b35ea288f46"><code>3cdb795</code></a> ⚙️ [Maintenance]: Add afterall to codespell ignore words list (<a href="https://redirect.github.com/psmodule/invoke-pester/issues/60">#60</a>)</li> <li><a href="https://github.com/PSModule/Invoke-Pester/commit/ba25d5abf2625cae637b7dfe2e34976b3465f662"><code>ba25d5a</code></a> Bump super-linter/super-linter from 8.4.0 to 8.5.0 (<a href="https://redirect.github.com/psmodule/invoke-pester/issues/59">#59</a>)</li> <li><a href="https://github.com/PSModule/Invoke-Pester/commit/d1e3cbf98778a1a0d7523bd92f150abe8c9c4839"><code>d1e3cbf</code></a> ⚙️ [Maintenance]: Update super-linter to v8.4.0 (<a href="https://redirect.github.com/psmodule/invoke-pester/issues/58">#58</a>)</li> <li><a href="https://github.com/PSModule/Invoke-Pester/commit/e4cb409df8a3eaf6bf12a016202f752210291233"><code>e4cb409</code></a> ⚙️ [Maintenance]: Align workflows across action repositories (<a href="https://redirect.github.com/psmodule/invoke-pester/issues/57">#57</a>)</li> <li>See full diff in <a href="https://github.com/psmodule/invoke-pester/compare/1fcb663c0efe914e8374d78e16aa7bb907ea2434...abddf7bef0d0614d7ca322036af6a06ee0fb4d44">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
🩹[Patch]: Workflow improvements (#24) This release focuses on updating and improving the project's GitHub Actions workflows and configuration files. The main goals are to enhance security and reliability by pinning action versions, streamline release and dependency management, and clean up unused or redundant configuration files. - Fixes #23 **Workflow and Action Updates:** * Updated all uses of `actions/checkout` to reference a specific commit hash (`de0fac2e4500dabe0009e67214ff5f5447ce83dd`) for improved security and reproducibility across workflows. * Replaced unpinned or generic action versions with commit-pinned versions for `PSModule/GitHub-Script`, `super-linter/super-linter`, and `PSModule/Invoke-Pester` to ensure consistent behavior and improve security. * Updated the linter workflow to use a pinned version of `super-linter` and added/adjusted validation environment variables. **Release and Dependency Management:** * Renamed `.github/workflows/Auto-Release.yml` to `.github/workflows/Release.yml`, updated the workflow name, and switched the trigger from `pull_request_target` to `pull_request` for better security. Also restricted the workflow to run only on changes to `action.yml` and `src/**`. * Replaced the use of `PSModule/Auto-Release` with `PSModule/Release-GHRepository` in the release workflow, and updated job names accordingly. * Changed the Dependabot update schedule from weekly to daily and added a cooldown period to manage update frequency. **Configuration Cleanup:** * Removed the `.github/linters/.jscpd.json` file and `.github/release.yml`, indicating a cleanup of unused or redundant configuration files. **Other Improvements:** * Fixed a typo in `README.md` for clarity. * Updated script paths in `action.yml` from `scripts/` to `src/` to reflect directory restructuring.
Bump actions/checkout from 5 to 6 (#22) Bumps [actions/checkout](https://github.com/actions/checkout) from 5 to 6. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p> <blockquote> <h2>v6.0.0</h2> <h2>What's Changed</h2> <ul> <li>Update README to include Node.js 24 support details and requirements by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2248">actions/checkout#2248</a></li> <li>Persist creds to a separate file by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2286">actions/checkout#2286</a></li> <li>v6-beta by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2298">actions/checkout#2298</a></li> <li>update readme/changelog for v6 by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2311">actions/checkout#2311</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v5.0.0...v6.0.0">https://github.com/actions/checkout/compare/v5.0.0...v6.0.0</a></p> <h2>v6-beta</h2> <h2>What's Changed</h2> <p>Updated persist-credentials to store the credentials under <code>$RUNNER_TEMP</code> instead of directly in the local git config.</p> <p>This requires a minimum Actions Runner version of <a href="https://github.com/actions/runner/releases/tag/v2.329.0">v2.329.0</a> to access the persisted credentials for <a href="https://docs.github.com/en/actions/tutorials/use-containerized-services/create-a-docker-container-action">Docker container action</a> scenarios.</p> <h2>v5.0.1</h2> <h2>What's Changed</h2> <ul> <li>Port v6 cleanup to v5 by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2301">actions/checkout#2301</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v5...v5.0.1">https://github.com/actions/checkout/compare/v5...v5.0.1</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h2>V6.0.0</h2> <ul> <li>Persist creds to a separate file by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2286">actions/checkout#2286</a></li> <li>Update README to include Node.js 24 support details and requirements by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2248">actions/checkout#2248</a></li> </ul> <h2>V5.0.1</h2> <ul> <li>Port v6 cleanup to v5 by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2301">actions/checkout#2301</a></li> </ul> <h2>V5.0.0</h2> <ul> <li>Update actions checkout to use node 24 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2226">actions/checkout#2226</a></li> </ul> <h2>V4.3.1</h2> <ul> <li>Port v6 cleanup to v4 by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2305">actions/checkout#2305</a></li> </ul> <h2>V4.3.0</h2> <ul> <li>docs: update README.md by <a href="https://github.com/motss"><code>@motss</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li> <li>Add internal repos for checking out multiple repositories by <a href="https://github.com/mouismail"><code>@mouismail</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li> <li>Documentation update - add recommended permissions to Readme by <a href="https://github.com/benwells"><code>@benwells</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li> <li>Adjust positioning of user email note and permissions heading by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2044">actions/checkout#2044</a></li> <li>Update README.md by <a href="https://github.com/nebuk89"><code>@nebuk89</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2194">actions/checkout#2194</a></li> <li>Update CODEOWNERS for actions by <a href="https://github.com/TingluoHuang"><code>@TingluoHuang</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2224">actions/checkout#2224</a></li> <li>Update package dependencies by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2236">actions/checkout#2236</a></li> </ul> <h2>v4.2.2</h2> <ul> <li><code>url-helper.ts</code> now leverages well-known environment variables by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1941">actions/checkout#1941</a></li> <li>Expand unit test coverage for <code>isGhes</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1946">actions/checkout#1946</a></li> </ul> <h2>v4.2.1</h2> <ul> <li>Check out other refs/* by commit if provided, fall back to ref by <a href="https://github.com/orhantoy"><code>@orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1924">actions/checkout#1924</a></li> </ul> <h2>v4.2.0</h2> <ul> <li>Add Ref and Commit outputs by <a href="https://github.com/lucacome"><code>@lucacome</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1180">actions/checkout#1180</a></li> <li>Dependency updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>- <a href="https://redirect.github.com/actions/checkout/pull/1777">actions/checkout#1777</a>, <a href="https://redirect.github.com/actions/checkout/pull/1872">actions/checkout#1872</a></li> </ul> <h2>v4.1.7</h2> <ul> <li>Bump the minor-npm-dependencies group across 1 directory with 4 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1739">actions/checkout#1739</a></li> <li>Bump actions/checkout from 3 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1697">actions/checkout#1697</a></li> <li>Check out other refs/* by commit by <a href="https://github.com/orhantoy"><code>@orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1774">actions/checkout#1774</a></li> <li>Pin actions/checkout's own workflows to a known, good, stable version. by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1776">actions/checkout#1776</a></li> </ul> <h2>v4.1.6</h2> <ul> <li>Check platform to set archive extension appropriately by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1732">actions/checkout#1732</a></li> </ul> <h2>v4.1.5</h2> <ul> <li>Update NPM dependencies by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1703">actions/checkout#1703</a></li> <li>Bump github/codeql-action from 2 to 3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1694">actions/checkout#1694</a></li> <li>Bump actions/setup-node from 1 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1696">actions/checkout#1696</a></li> <li>Bump actions/upload-artifact from 2 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1695">actions/checkout#1695</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/checkout/commit/1af3b93b6815bc44a9784bd300feb67ff0d1eeb3"><code>1af3b93</code></a> update readme/changelog for v6 (<a href="https://redirect.github.com/actions/checkout/issues/2311">#2311</a>)</li> <li><a href="https://github.com/actions/checkout/commit/71cf2267d89c5cb81562390fa70a37fa40b1305e"><code>71cf226</code></a> v6-beta (<a href="https://redirect.github.com/actions/checkout/issues/2298">#2298</a>)</li> <li><a href="https://github.com/actions/checkout/commit/069c6959146423d11cd0184e6accf28f9d45f06e"><code>069c695</code></a> Persist creds to a separate file (<a href="https://redirect.github.com/actions/checkout/issues/2286">#2286</a>)</li> <li><a href="https://github.com/actions/checkout/commit/ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493"><code>ff7abcd</code></a> Update README to include Node.js 24 support details and requirements (<a href="https://redirect.github.com/actions/checkout/issues/2248">#2248</a>)</li> <li>See full diff in <a href="https://github.com/actions/checkout/compare/v5...v6">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
🚀[Feature]: Add `Notice_Mode` input to control test completion notifi… …cations (#21) This release introduces a new `Notice_Mode` input parameter to control when GitHub notices are displayed for test completion. By default, notices are now only shown on test failure, providing more flexibility in managing action output verbosity. ## What's New - **New Input: `Notice_Mode`** - Controls when GitHub notices are displayed for test completion: - `Full`: Show notices on both success and failure. - `Failed` (default): Show notices only on failure. - `None`: Disable notices entirely. This provides more flexibility in managing action output verbosity. ## Changes - Updated `action.yml` to define the new input and pass it via environment variables. - Updated `README.md` with input documentation.
🩹 [Patch]: Encode all PowerShell files using UTF8 with BOM (#20) ## Description This pull request introduces a minor change to the `Planets.ps1` files in both `srcTestRepo` and `srcWithManifestTestRepo`. The only difference is the addition of a Unicode Byte Order Mark (BOM) at the beginning of each file, which does not affect the functionality of the scripts. - Added a Unicode BOM to the start of `Planets.ps1` in both `tests/srcTestRepo/src/variables/public/` and `tests/srcWithManifestTestRepo/src/variables/public/` for encoding consistency.
🩹 [Patch]: Encode all PowerShell files using UTF8 with BOM (#20) ## Description This pull request introduces a minor change to the `Planets.ps1` files in both `srcTestRepo` and `srcWithManifestTestRepo`. The only difference is the addition of a Unicode Byte Order Mark (BOM) at the beginning of each file, which does not affect the functionality of the scripts. - Added a Unicode BOM to the start of `Planets.ps1` in both `tests/srcTestRepo/src/variables/public/` and `tests/srcWithManifestTestRepo/src/variables/public/` for encoding consistency.
🩹 [Patch]: Default to built-in Invoke-ScriptAnalyzer settings (#19) This pull request introduces improved handling of the settings file for the ScriptAnalyzer GitHub Action, adds a new test scenario for default settings, and updates CI workflows and documentation to reflect these changes. The main goals are to make the settings file optional, clarify precedence, and ensure robust testing and reporting. **Key changes:** Settings file handling and usage: * The action now treats the settings file as optional; if not provided or not found, it falls back to ScriptAnalyzer defaults. Settings file precedence is clarified and documented, and code is updated to handle missing files gracefully without throwing errors. (`scripts/main.ps1` [[1]](diffhunk://#diff-dc2e5a659836b1b73abb03421c567f5018c2755677c4a0aa764cb26117b68011L5-L15) `scripts/tests/PSScriptAnalyzer/PSScriptAnalyzer.Tests.ps1` [[2]](diffhunk://#diff-506030604c5eac4d6d266aa14f0e8cf3a8121425c1f579406e3a003d5b091ac9L14-R32) [[3]](diffhunk://#diff-506030604c5eac4d6d266aa14f0e8cf3a8121425c1f579406e3a003d5b091ac9R76-R87) [[4]](diffhunk://#diff-506030604c5eac4d6d266aa14f0e8cf3a8121425c1f579406e3a003d5b091ac9L91-R122) `README.md` [[5]](diffhunk://#diff-b335630551682c19a781afebcf4d07bf978fb1f8ac04c6bf87428ed5106870f5L91-R125) Continuous Integration workflow improvements: * All `actions/checkout` steps in workflow files now set `persist-credentials: false` for improved security and consistency. (`.github/workflows/Action-Test.yml` [[1]](diffhunk://#diff-a12ae5c885b0673c0ff6f70c2670886907590d624626e07da4c52e01aeaf56a4R29-R30) [[2]](diffhunk://#diff-a12ae5c885b0673c0ff6f70c2670886907590d624626e07da4c52e01aeaf56a4R54-R55) [[3]](diffhunk://#diff-a12ae5c885b0673c0ff6f70c2670886907590d624626e07da4c52e01aeaf56a4R80-R81) [[4]](diffhunk://#diff-a12ae5c885b0673c0ff6f70c2670886907590d624626e07da4c52e01aeaf56a4R133-R134) [[5]](diffhunk://#diff-a12ae5c885b0673c0ff6f70c2670886907590d624626e07da4c52e01aeaf56a4R155-R179) `.github/workflows/Auto-Release.yml` [[6]](diffhunk://#diff-d3f6900ee5159d4bc4ba6d893e2dd8443c2691b0490d7351cffbd7a37ed8d95aR30-R31) `.github/workflows/Linter.yml` [[7]](diffhunk://#diff-482e65806ed9e4a7320f14964764086b91fed4a28d12e4efde1776472e147e79R24) * A new test job, `ActionTestSrcWithManifestDefault`, is added to verify the action's behavior when no settings file is present (i.e., default settings are used). The workflow aggregation and environment variable naming are updated for clarity and maintainability. (`.github/workflows/Action-Test.yml` [[1]](diffhunk://#diff-a12ae5c885b0673c0ff6f70c2670886907590d624626e07da4c52e01aeaf56a4R98-R123) [[2]](diffhunk://#diff-a12ae5c885b0673c0ff6f70c2670886907590d624626e07da4c52e01aeaf56a4R155-R179) `tests/Get-AggregatedStatus.ps1` [[3]](diffhunk://#diff-dc50f3891fd8a2d62df15437f55b45ed09c908756bd8bfdc11fd71826abda1b7L23-R92) Documentation and configuration updates: * The README is updated to clearly explain settings file precedence and provide usage examples for all scenarios (custom, default, and none). (`README.md` [README.mdL91-R125](diffhunk://#diff-b335630551682c19a781afebcf4d07bf978fb1f8ac04c6bf87428ed5106870f5L91-R125)) * Linter workflow configuration is updated to include new validation options and disables certain Biome and zizmor validations for clarity. (`.github/workflows/Linter.yml` [.github/workflows/Linter.ymlR34-R36](diffhunk://#diff-482e65806ed9e4a7320f14964764086b91fed4a28d12e4efde1776472e147e79R34-R36)) --------- Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
🌟[Major]: Remove `Settings` with predefined settings (#18) ## Description This pull request simplifies the configuration of the script analyzer action by removing the `Settings` input (which previously allowed selecting between `Module`, `SourceCode`, or `Custom` modes) in favor of always using a `SettingsFilePath`. Documentation, workflow, and implementation are updated to reflect this streamlined approach. Additionally, a new example settings file for source code analysis is added for clarity. **Configuration and API Simplification:** - Removed the `Settings` input from `action.yml`, the workflow, and environment variables, so users now always specify a `SettingsFilePath` for analyzer configuration. The default settings file path is now `.github/linters/.powershell-psscriptanalyzer.psd1`. [[1]](diffhunk://#diff-1243c5424efaaa19bd8e813c5e6f6da46316e63761421b3e5f5c8ced9a36e6b6L12-R15) [[2]](diffhunk://#diff-1243c5424efaaa19bd8e813c5e6f6da46316e63761421b3e5f5c8ced9a36e6b6L254) [[3]](diffhunk://#diff-1243c5424efaaa19bd8e813c5e6f6da46316e63761421b3e5f5c8ced9a36e6b6L268) [[4]](diffhunk://#diff-a12ae5c885b0673c0ff6f70c2670886907590d624626e07da4c52e01aeaf56a4L35) [[5]](diffhunk://#diff-a12ae5c885b0673c0ff6f70c2670886907590d624626e07da4c52e01aeaf56a4L59) [[6]](diffhunk://#diff-a12ae5c885b0673c0ff6f70c2670886907590d624626e07da4c52e01aeaf56a4L85-R83) [[7]](diffhunk://#diff-a12ae5c885b0673c0ff6f70c2670886907590d624626e07da4c52e01aeaf56a4L109) **Documentation Updates:** - Updated `README.md` to remove references to the old `Settings` input and predefined settings types, clarifying that users should provide a settings file via `SettingsFilePath`. Usage instructions and examples are revised accordingly. [[1]](diffhunk://#diff-b335630551682c19a781afebcf4d07bf978fb1f8ac04c6bf87428ed5106870f5L21-R21) [[2]](diffhunk://#diff-b335630551682c19a781afebcf4d07bf978fb1f8ac04c6bf87428ed5106870f5L92-R100) [[3]](diffhunk://#diff-b335630551682c19a781afebcf4d07bf978fb1f8ac04c6bf87428ed5106870f5L142-R140) **Implementation Changes:** - Refactored `scripts/main.ps1` to resolve only the `SettingsFilePath` and validate its existence, removing all logic related to the `Settings` input and its switch statement. **Test and Example Improvements:** - Added a new `tests/srcWithManifestTestRepo/tests/SourceCode.Settings.psd1` file containing example analyzer rules for source code analysis. --------- Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
PreviousNext