Skip to content

🩹[Patch]: Workflow improvements #9

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
MariusStorhaug merged 6 commits into from
Jan 27, 2026
Merged

🩹[Patch]: Workflow improvements #9

MariusStorhaug merged 6 commits into from
Jan 27, 2026

Conversation

@MariusStorhaug
Copy link
Member

@MariusStorhaug MariusStorhaug commented Jan 22, 2026
edited
Loading

This release updates and improves several aspects of the project's GitHub Actions workflows and related configuration files. The main changes include refactoring the release workflow for clarity and security, updating dependencies and action versions to use specific commit SHAs, and cleaning up unused or redundant configuration files.

Workflow and CI/CD Improvements:

  • Renamed .github/workflows/Auto-Release.yml to .github/workflows/Release.yml, updated its trigger to pull_request (instead of pull_request_target), restricted its scope to changes in action.yml and src/**, and changed the main job and step names from Auto-Release to Release. Also replaced the action used for releases to PSModule/Release-GHRepository@88c70461c8f16cc09682005bcf3b7fca4dd8dc1a and updated the checkout action to a specific SHA with credentials disabled for improved security.
  • Updated the Action-Test and Linter workflows to use specific commit SHAs for the actions/checkout and super-linter/super-linter actions, and set persist-credentials: false for security. Also, in the Linter workflow, disabled some validators and set additional environment variables.

Dependency and Automation Configuration:

  • Changed the Dependabot update schedule from weekly to daily and added a cooldown period of 7 days between updates.

Configuration Cleanup:

  • Removed the .github/linters/.jscpd.json file, which is no longer needed.
  • Removed the .github/release.yml configuration for automatically generated release notes, as this is now handled by the updated release workflow.

Other Notable Changes:

  • Updated the action.yml to reference the new script location at src/main.ps1 instead of scripts/main.ps1.

Copilot AI review requested due to automatic review settings January 22, 2026 18:18
Copilot AI reviewed Jan 22, 2026
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR aims to update Dependabot configuration to run daily with a 7-day cooldown period, but includes additional unrelated changes and contains a critical configuration error.

Changes:

  • Modified .github/dependabot.yml to change schedule from weekly to daily and attempted to add a cooldown configuration
  • Updated GitHub Actions versions in three workflow files with pinned commit hashes
  • Deleted .github/release.yml file containing release note configuration

Reviewed changes

Copilot reviewed 5 out of 5 changed files in this pull request and generated 3 comments.

Show a summary per file
File Description
.github/dependabot.yml Changed schedule interval to daily and added invalid cooldown configuration
.github/workflows/Linter.yml Updated actions/checkout to v6.0.2 and super-linter to v8.3.2 with commit hash pinning
.github/workflows/Auto-Release.yml Updated actions/checkout to v6.0.2 and PSModule/Auto-Release to v1.9.5 with commit hash pinning
.github/workflows/Action-Test.yml Updated actions/checkout to v6.0.2 with commit hash pinning
.github/release.yml Completely removed release notes configuration file

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@MariusStorhaug MariusStorhaug changed the title 🩹 Configure Dependabot for daily schedule with 7-day cooldown 🩹[Patch] Configure Dependabot for daily schedule with 7-day cooldown Jan 22, 2026
@MariusStorhaug MariusStorhaug changed the title 🩹[Patch] Configure Dependabot for daily schedule with 7-day cooldown 🩹[Patch]: Configure Dependabot for daily schedule with 7-day cooldown Jan 22, 2026
@MariusStorhaug MariusStorhaug changed the title 🩹[Patch]: Configure Dependabot for daily schedule with 7-day cooldown 🩹 [Patch] Configure Dependabot for daily schedule with 7-day cooldown Jan 22, 2026
@MariusStorhaug MariusStorhaug changed the title 🩹 [Patch] Configure Dependabot for daily schedule with 7-day cooldown 🩹[Patch]: Configure Dependabot for daily schedule with 7-day cooldown Jan 22, 2026
@MariusStorhaug MariusStorhaug self-assigned this Jan 22, 2026
@MariusStorhaug
feat: Add GitHub Actions workflow for automated release process
7fcb622 
- Created a new GitHub Actions workflow (`Release.yml`) to automate the release process on pull request events.
- Configured permissions for creating releases and commenting on pull requests.

feat: Implement Helpers module with versioning

- Added `Helpers.psd1` and `Helpers.psm1` files to define the Helpers module with version `999.0.0`.
- Implemented various utility functions for module management and dependency resolution.

test: Add PSScriptAnalyzer configuration for Helpers module

- Created `PSScriptAnalyzer.Tests.psd1` to define rules for code quality checks on the Helpers module.

chore: Implement main script for module importation

- Added `main.ps1` script to handle the importation of the Helpers module into the PowerShell session.
- Ensured cleanup of previous module instances before importing the new version.
github-advanced-security[bot]
github-advanced-security bot found potential problems Jan 25, 2026
View reviewed changes
Copilot AI review requested due to automatic review settings January 25, 2026 20:45
Copilot AI reviewed Jan 25, 2026
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 6 out of 10 changed files in this pull request and generated 1 comment.

Comments suppressed due to low confidence (1)

.github/workflows/Release.yml:7

  • Switching the trigger from pull_request_target to pull_request will cause GITHUB_TOKEN to be read-only on forked PRs, even if workflow permissions request write. If this workflow needs to create releases/comments or push tags/notes for fork PRs, it will fail; consider whether pull_request_target (with appropriate hardening) is required.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@MariusStorhaug MariusStorhaug changed the title 🩹[Patch]: Configure Dependabot for daily schedule with 7-day cooldown 🩹 [Patch]: Standardize workflows with SHA pinning and daily Dependabot Jan 25, 2026
Copilot AI review requested due to automatic review settings January 25, 2026 21:32
@MariusStorhaug MariusStorhaug changed the title 🩹 [Patch]: Standardize workflows with SHA pinning and daily Dependabot 🩹[Patch]: Configure Dependabot and rename Auto-Release to Release-GHRepository Jan 25, 2026
Copilot AI reviewed Jan 25, 2026
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 7 out of 11 changed files in this pull request and generated 1 comment.

Comments suppressed due to low confidence (1)

.github/workflows/Release.yml:37

  • The PR description says release notes are managed by the Auto-Release action and lists PSModule/Auto-Release@..., but this workflow now uses PSModule/Release-GHRepository@... and renames the job/labels. Please update the PR description (or the workflow) so the documentation matches the actual behavior and pinned action.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@MariusStorhaug MariusStorhaug changed the title 🩹[Patch]: Configure Dependabot and rename Auto-Release to Release-GHRepository 🩹[Patch]: Workflow improvements Jan 27, 2026
@MariusStorhaug MariusStorhaug merged commit ed79b6e into main Jan 27, 2026
18 checks passed
@MariusStorhaug MariusStorhaug deleted the dependabot-daily-cooldown branch January 27, 2026 11:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

@MariusStorhaug MariusStorhaug

Labels

Patch

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@MariusStorhaug