Skip to content

Commit 0506996

Browse files
[Patch]: Update GitHub Actions dependencies to latest pinned versions (#358)
Consolidates the currently-passing Dependabot GitHub Actions updates into one change, so the pipeline moves to the latest action versions in a single release instead of separate bumps. It also configures Dependabot to group future GitHub Actions updates into one pull request, so this consolidated form happens automatically from now on. **Superseded Dependabot PRs:** #351, #353, #354, #355 — Dependabot closes these automatically once this merges. > ⚠️ **Build-PSModule v5.0.0 (#350) is intentionally excluded.** v5 makes `moduleVersion` a required input, which the current `Build-Module.yml` does not provide, so it fails CI (6 checks on #350's own PR too). Adopting it needs the "decide version before build" work in #342 and should ship with/after that PR. #350 stays open to track it. ## Updated GitHub Actions | Action | From | To | Bump | | --- | --- | --- | --- | | actions/checkout | v6.0.2 | v7.0.0 | Major | | PSModule/Publish-PSModule | v2.2.4 | v3.0.0 | Major | | super-linter/super-linter | v8.6.0 | v8.7.0 | Minor | | super-linter/super-linter/slim | v8.6.0 | v8.7.0 | Minor | This bundle includes two major action upgrades, so it is labelled `Major` and cuts a major release of Process-PSModule on merge. ## Changed: Dependabot groups GitHub Actions updates `.github/dependabot.yml` now groups all `github-actions` updates into a single grouped pull request via a `groups` block. The `github_actions` label is also corrected — it was `github-actions`, which does not match the repository label and was silently dropped by Dependabot. ## Technical Details - Each bump is a cherry-pick of the original Dependabot commit, preserving authorship and the `Bump X from A to B` messages for a clean linear history. - All bumps touch only `uses:` pins under `.github/workflows/`; no logic changes. - Dependabot grouping added: ```yaml groups: github-actions: patterns: - "*" ``` This groups every GitHub Actions ecosystem update (all semver levels) into one PR. To keep major bumps as separate PRs for individual review, add `update-types: ["minor", "patch"]` under the group — majors then continue to open on their own. - No linked issue: this is Dependabot-driven maintenance; the superseded PRs above are the traceability. --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
1 parent 0c90c32 commit 0506996

15 files changed

Lines changed: 25 additions & 20 deletions

.github/dependabot.yml

Lines changed: 6 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -9,8 +9,13 @@ updates:
99
directory: / # Location of package manifests
1010
labels:
1111
- dependencies
12-
- github-actions
12+
- github_actions
1313
schedule:
1414
interval: daily
1515
cooldown:
1616
default-days: 7
17+
groups:
18+
# Combine every GitHub Actions update into a single grouped pull request.
19+
github-actions:
20+
patterns:
21+
- "*"

.github/workflows/AfterAll-ModuleLocal.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -50,7 +50,7 @@ jobs:
5050
SETTINGS: ${{ inputs.Settings }}
5151
steps:
5252
- name: Checkout Code
53-
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
53+
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
5454
with:
5555
persist-credentials: false
5656
fetch-depth: 0

.github/workflows/BeforeAll-ModuleLocal.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -50,7 +50,7 @@ jobs:
5050
Settings: ${{ inputs.Settings }}
5151
steps:
5252
- name: Checkout Code
53-
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
53+
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
5454
with:
5555
persist-credentials: false
5656
fetch-depth: 0

.github/workflows/Build-Docs.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -18,7 +18,7 @@ jobs:
1818
runs-on: ubuntu-latest
1919
steps:
2020
- name: Checkout Code
21-
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
21+
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
2222
with:
2323
persist-credentials: false
2424
fetch-depth: 0
@@ -72,7 +72,7 @@ jobs:
7272
7373
- name: Lint documentation
7474
id: super-linter
75-
uses: super-linter/super-linter/slim@9e863354e3ff62e0727d37183162c4a88873df41 # v8.6.0
75+
uses: super-linter/super-linter/slim@4ce20838b8ab83717e78138c5b3a1407148e0918 # v8.7.0
7676
env:
7777
RUN_LOCAL: true
7878
DEFAULT_BRANCH: main

.github/workflows/Build-Module.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -24,7 +24,7 @@ jobs:
2424
GH_TOKEN: ${{ github.token }}
2525
steps:
2626
- name: Checkout Code
27-
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
27+
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
2828
with:
2929
persist-credentials: false
3030
fetch-depth: 0

.github/workflows/Build-Site.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -17,7 +17,7 @@ jobs:
1717
runs-on: ubuntu-latest
1818
steps:
1919
- name: Checkout Code
20-
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
20+
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
2121
with:
2222
persist-credentials: false
2323
fetch-depth: 0

.github/workflows/Get-Settings.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -60,7 +60,7 @@ jobs:
6060
Settings: ${{ steps.Get-Settings.outputs.Settings }}
6161
steps:
6262
- name: Checkout Code
63-
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
63+
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
6464
with:
6565
persist-credentials: false
6666
fetch-depth: 0

.github/workflows/Lint-Repository.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -21,7 +21,7 @@ jobs:
2121
Settings: ${{ inputs.Settings }}
2222
steps:
2323
- name: Checkout repo
24-
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
24+
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
2525
with:
2626
persist-credentials: false
2727
fetch-depth: 0
@@ -49,7 +49,7 @@ jobs:
4949
5050
- name: Lint code base
5151
id: super-linter
52-
uses: super-linter/super-linter@9e863354e3ff62e0727d37183162c4a88873df41 # v8.6.0
52+
uses: super-linter/super-linter@4ce20838b8ab83717e78138c5b3a1407148e0918 # v8.7.0
5353
env:
5454
GITHUB_TOKEN: ${{ github.token }}
5555
DEFAULT_WORKSPACE: ${{ fromJson(env.Settings).WorkingDirectory }}

.github/workflows/Lint-SourceCode.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -21,7 +21,7 @@ jobs:
2121
include: ${{ fromJson(inputs.Settings).TestSuites.SourceCode }}
2222
steps:
2323
- name: Checkout Code
24-
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
24+
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
2525
with:
2626
persist-credentials: false
2727

.github/workflows/Linter.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -19,13 +19,13 @@ jobs:
1919
runs-on: ubuntu-latest
2020
steps:
2121
- name: Checkout repo
22-
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
22+
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
2323
with:
2424
persist-credentials: false
2525
fetch-depth: 0
2626

2727
- name: Lint code base
28-
uses: super-linter/super-linter@9e863354e3ff62e0727d37183162c4a88873df41 # v8.6.0
28+
uses: super-linter/super-linter@4ce20838b8ab83717e78138c5b3a1407148e0918 # v8.7.0
2929
env:
3030
GITHUB_TOKEN: ${{ github.token }}
3131
VALIDATE_BIOME_FORMAT: false

0 commit comments

Comments
 (0)