🩹[Patch]: Workflow improvements (#24)

This release focuses on updating and improving the project's GitHub
Actions workflows and configuration files. The main goals are to enhance
security and reliability by pinning action versions, streamline release
and dependency management, and clean up unused or redundant
configuration files.

- Fixes #23

**Workflow and Action Updates:**

* Updated all uses of `actions/checkout` to reference a specific commit
hash (`de0fac2e4500dabe0009e67214ff5f5447ce83dd`) for improved security
and reproducibility across workflows.
* Replaced unpinned or generic action versions with commit-pinned
versions for `PSModule/GitHub-Script`, `super-linter/super-linter`, and
`PSModule/Invoke-Pester` to ensure consistent behavior and improve
security.
* Updated the linter workflow to use a pinned version of `super-linter`
and added/adjusted validation environment variables.

**Release and Dependency Management:**

* Renamed `.github/workflows/Auto-Release.yml` to
`.github/workflows/Release.yml`, updated the workflow name, and switched
the trigger from `pull_request_target` to `pull_request` for better
security. Also restricted the workflow to run only on changes to
`action.yml` and `src/**`.
* Replaced the use of `PSModule/Auto-Release` with
`PSModule/Release-GHRepository` in the release workflow, and updated job
names accordingly.
* Changed the Dependabot update schedule from weekly to daily and added
a cooldown period to manage update frequency.

**Configuration Cleanup:**

* Removed the `.github/linters/.jscpd.json` file and
`.github/release.yml`, indicating a cleanup of unused or redundant
configuration files.

**Other Improvements:**

* Fixed a typo in `README.md` for clarity.
* Updated script paths in `action.yml` from `scripts/` to `src/` to
reflect directory restructuring.

Author: MariusStorhaug

.github/dependabot.yml

@@ -11,4 +11,6 @@ updates:
       - dependencies
       - github-actions
     schedule:
-      interval: weekly
+      interval: daily
+    cooldown:
+      default-days: 7

.github/linters/.jscpd.json

@@ -25,7 +25,7 @@ jobs:
       Conclusion: ${{ steps.action-test.conclusion }}
     steps:
       - name: Checkout repo
-        uses: actions/checkout@v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           persist-credentials: false
 
@@ -50,7 +50,7 @@ jobs:
       Conclusion: ${{ steps.action-test.conclusion }}
     steps:
       - name: Checkout repo
-        uses: actions/checkout@v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           persist-credentials: false
 
@@ -76,7 +76,7 @@ jobs:
       Conclusion: ${{ steps.action-test.conclusion }}
     steps:
       - name: Checkout repo
-        uses: actions/checkout@v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           persist-credentials: false
 
@@ -103,7 +103,7 @@ jobs:
       Conclusion: ${{ steps.action-test.conclusion }}
     steps:
       - name: Checkout repo
-        uses: actions/checkout@v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           persist-credentials: false
 
@@ -129,7 +129,7 @@ jobs:
       Conclusion: ${{ steps.action-test.conclusion }}
     steps:
       - name: Checkout repo
-        uses: actions/checkout@v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           persist-credentials: false
 
@@ -169,11 +169,11 @@ jobs:
       OutputsConclusion: ${{ needs.ActionTestOutputs.outputs.Conclusion }}
     steps:
       - name: Checkout repo
-        uses: actions/checkout@v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           persist-credentials: false
 
       - name: Aggregated Status
-        uses: PSModule/Github-Script@v1
+        uses: PSModule/GitHub-Script@0097f3bbe3f413f3b577b9bcc600727b0ca3201a # v1.7.10
         with:
           Script: tests/Get-AggregatedStatus.ps1

.github/release.yml

@@ -19,19 +19,20 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repo
-        uses: actions/checkout@v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           persist-credentials: false
           fetch-depth: 0
 
       - name: Lint code base
-        uses: super-linter/super-linter@latest
+        uses: super-linter/super-linter@d5b0a2ab116623730dd094f15ddc1b6b25bf7b99 # v8.3.2
         env:
           GITHUB_TOKEN: ${{ github.token }}
-          VALIDATE_JSON_PRETTIER: false
-          VALIDATE_MARKDOWN_PRETTIER: false
-          VALIDATE_YAML_PRETTIER: false
           VALIDATE_BIOME_FORMAT: false
           VALIDATE_BIOME_LINT: false
           VALIDATE_GITHUB_ACTIONS_ZIZMOR: false
+          VALIDATE_JSCPD: false
+          VALIDATE_JSON_PRETTIER: false
+          VALIDATE_MARKDOWN_PRETTIER: false
+          VALIDATE_YAML_PRETTIER: false
           FILTER_REGEX_EXCLUDE: '.*Set-PSModuleTest\.ps1$'

.github/workflows/Action-Test.yml

@@ -1,9 +1,9 @@
-name: Auto-Release
+name: Release
 
-run-name: "Auto-Release - [${{ github.event.pull_request.title }} #${{ github.event.pull_request.number }}] by @${{ github.actor }}"
+run-name: "Release - [${{ github.event.pull_request.title }} #${{ github.event.pull_request.number }}] by @${{ github.actor }}"
 
 on:
-  pull_request_target:
+  pull_request:
     branches:
       - main
     types:
@@ -12,6 +12,9 @@ on:
       - reopened
       - synchronize
       - labeled
+    paths:
+      - 'action.yml'
+      - 'src/**'
 
 concurrency:
   group: ${{ github.workflow }}-${{ github.ref }}
@@ -22,15 +25,15 @@ permissions:
   pull-requests: write
 
 jobs:
-  Auto-Release:
+  Release:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout Code
-        uses: actions/checkout@v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           persist-credentials: false
 
-      - name: Auto-Release
-        uses: PSModule/Auto-Release@v1
+      - name: Release
+        uses: PSModule/Release-GHRepository@88c70461c8f16cc09682005bcf3b7fca4dd8dc1a # v2.0.1
         with:
           IncrementalPrerelease: false

.github/workflows/Linter.yml

@@ -136,7 +136,7 @@ The action provides the following outputs:
    To be clear; the action follows the settings file to determine which rules to skip.
 
 4. **View the Results**
-    The action outputs the results of the tests to goth logs and step summary. If the tests pass, the actions `outcome` will be `success`.
+    The action outputs the results of the tests to both logs and step summary. If the tests pass, the actions `outcome` will be `success`.
     If the tests fail, the actions outcome will be `failure`. To make the workflow continue even if the tests fail, you can set the
     `continue-on-error` option to `true`. Use this built-in feature to stop the workflow from failing so that you can aggregate the status of tests
     across multiple jobs.

.github/workflows/Auto-Release.yml .github/workflows/Release.yml.github/workflows/Auto-Release.yml renamed to .github/workflows/Release.yml

@@ -248,7 +248,7 @@ runs:
   using: composite
   steps:
     - name: Get-TestPaths
-      uses: PSModule/Github-Script@v1
+      uses: PSModule/GitHub-Script@0097f3bbe3f413f3b577b9bcc600727b0ca3201a # v1.7.10
       id: paths
       env:
         PSMODULE_INVOKE_SCRIPTANALYZER_INPUT_Path: ${{ inputs.Path }}
@@ -259,10 +259,10 @@ runs:
         Verbose: ${{ inputs.Verbose }}
         Version: ${{ inputs.Version }}
         WorkingDirectory: ${{ inputs.WorkingDirectory }}
-        Script: ${{ github.action_path }}/scripts/main.ps1
+        Script: ${{ github.action_path }}/src/main.ps1
 
     - name: Invoke-Pester
-      uses: PSModule/Invoke-Pester@v4
+      uses: PSModule/Invoke-Pester@1fcb663c0efe914e8374d78e16aa7bb907ea2434 # v4.2.3
       id: test
       env:
         SettingsFilePath: ${{ fromJson(steps.paths.outputs.result).SettingsFilePath }}
@@ -273,7 +273,7 @@ runs:
         Version: ${{ inputs.Version }}
         WorkingDirectory: ${{ inputs.WorkingDirectory }}
         TestResult_TestSuiteName: ${{ inputs.TestResult_TestSuiteName }}
-        Path: ${{ github.action_path }}/scripts/tests/PSScriptAnalyzer
+        Path: ${{ github.action_path }}/src/tests/PSScriptAnalyzer
         Run_Path: ${{ fromJson(steps.paths.outputs.result).CodePath }}
         ReportAsJson: ${{ inputs.ReportAsJson }}
         Notice_Mode: ${{ inputs.Notice_Mode }}