diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 53188fe..0da2fac 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -11,4 +11,6 @@ updates: - dependencies - github-actions schedule: - interval: weekly + interval: daily + cooldown: + default-days: 7 diff --git a/.github/workflows/Action-Test.yml b/.github/workflows/Action-Test.yml index 60f3a9e..28c6087 100644 --- a/.github/workflows/Action-Test.yml +++ b/.github/workflows/Action-Test.yml @@ -20,7 +20,6 @@ concurrency: permissions: contents: read # to checkout the repo - statuses: write # to create commit status jobs: UploadArtifact: @@ -28,13 +27,13 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repo - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: persist-credentials: false fetch-depth: 0 - name: Upload module artifact - uses: actions/upload-artifact@v5 + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: name: module path: tests/srcTestRepo/outputs/module @@ -45,9 +44,12 @@ jobs: name: Action-Test - [Default] runs-on: ubuntu-latest needs: UploadArtifact + permissions: + contents: read + statuses: write # to create commit status from linter steps: - name: Checkout repo - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: persist-credentials: false fetch-depth: 0 @@ -59,7 +61,7 @@ jobs: WorkingDirectory: tests/srcTestRepo - name: Lint documentation - uses: super-linter/super-linter/slim@v8.2.1 + uses: super-linter/super-linter/slim@2bdd90ed3262e023ac84bf8fe35dc480721fc1f2 # v8.2.1 env: GITHUB_TOKEN: ${{ github.token }} VALIDATE_MARKDOWN: true @@ -73,12 +75,11 @@ jobs: needs: UploadArtifact steps: - name: Checkout repo - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: persist-credentials: false fetch-depth: 0 - - name: Action-Test uses: ./ with: diff --git a/.github/workflows/Auto-Release.yml b/.github/workflows/Auto-Release.yml index b083552..dbaaf03 100644 --- a/.github/workflows/Auto-Release.yml +++ b/.github/workflows/Auto-Release.yml @@ -3,7 +3,7 @@ name: Auto-Release run-name: "Auto-Release - [${{ github.event.pull_request.title }} #${{ github.event.pull_request.number }}] by @${{ github.actor }}" on: - pull_request_target: + pull_request: branches: - main types: @@ -26,7 +26,9 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout Code - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + with: + persist-credentials: false - name: Auto-Release - uses: PSModule/Auto-Release@v1 + uses: PSModule/Auto-Release@eabd533035e2cb9822160f26f2eda584bd012356 # v1.9.5 diff --git a/.github/workflows/Linter.yml b/.github/workflows/Linter.yml index f8f14c6..cf13018 100644 --- a/.github/workflows/Linter.yml +++ b/.github/workflows/Linter.yml @@ -19,17 +19,16 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repo - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: persist-credentials: false fetch-depth: 0 - name: Lint code base - uses: super-linter/super-linter@latest + uses: super-linter/super-linter@d5b0a2ab116623730dd094f15ddc1b6b25bf7b99 # v8.3.2 env: GITHUB_TOKEN: ${{ github.token }} + VALIDATE_BIOME_FORMAT: false VALIDATE_JSON_PRETTIER: false VALIDATE_MARKDOWN_PRETTIER: false VALIDATE_YAML_PRETTIER: false - VALIDATE_BIOME_FORMAT: false - VALIDATE_GITHUB_ACTIONS_ZIZMOR: false diff --git a/action.yml b/action.yml index a648223..e5f051c 100644 --- a/action.yml +++ b/action.yml @@ -19,7 +19,7 @@ runs: using: composite steps: - name: Install-PSModuleHelpers - uses: PSModule/Install-PSModuleHelpers@v1 + uses: PSModule/Install-PSModuleHelpers@d60d63e4be477d1ca0c67c6085101fb109bce8f1 # v1.0.6 - name: Document-PSModule shell: pwsh