Bump PSModule/Process-PSModule/.github/workflows/workflow.yml from 4 to 5

[dependabot]

Bumps PSModule/Process-PSModule/.github/workflows/workflow.yml from 4 to 5.

Release notes

Sourced from PSModule/Process-PSModule/.github/workflows/workflow.yml's releases.

v5.0.0

🌟 [Major]: Process-PSModule v5 (#205)

This pull request cleans up and consolidates the process into focussing on a single workflow, the workflow.yml file. It also updates some more logic and addresses some security issues for the checkout action.

Details

• Removed the workflow CI.yml which has previously been used for nightly runs, checking that the logic works.

  • Mitigation: Adjusted workflow.yml to work for the same scenarios replacing CI.yml for this usecase.
  • Fixes #204

• Cleaned up some of the job flow depending on the different scenarios.

  Job	Open/Updated PR	Merged PR	Abandoned PR	Manual Run
  Get-Settings	✅ Always	✅ Always	✅ Always	✅ Always
  Lint-Repository	✅ Yes	❌ No	❌ No	❌ No
  Build-Module	✅ Yes	✅ Yes	❌ No	✅ Yes
  Build-Docs	✅ Yes	✅ Yes	❌ No	✅ Yes
  Build-Site	✅ Yes	✅ Yes	❌ No	✅ Yes
  Test-SourceCode	✅ Yes	✅ Yes	❌ No	✅ Yes
  Lint-SourceCode	✅ Yes	✅ Yes	❌ No	✅ Yes
  Test-Module	✅ Yes	✅ Yes	❌ No	✅ Yes
  BeforeAll-ModuleLocal	✅ Yes	✅ Yes	❌ No	✅ Yes
  Test-ModuleLocal	✅ Yes	✅ Yes	❌ No	✅ Yes
  AfterAll-ModuleLocal	✅ Yes	✅ Yes	❌ No	✅ Yes
  Get-TestResults	✅ Yes	✅ Yes	❌ No	✅ Yes
  Get-CodeCoverage	✅ Yes	✅ Yes	❌ No	✅ Yes
  Publish-Site	❌ No	✅ Yes (only)	❌ No	❌ No
  Publish-Module	✅ Yes*	✅ Yes*	✅ Yes	✅ Yes*

  • Only run linter on CI runs.
  • Fast forward to "Publish-Module", which also handles removal of prereleases (GitHub only).
  • Only run "Publish-Site" on a merged PR.

v4.1.5

Update implement prompt to update PR (#203)

Description

This pull request updates the implementation instructions in .github/prompts/implement.prompt.md to improve task tracking and clarify how pull request descriptions should be managed. The main focus is on making task progress more visible in real-time and ensuring the PR description is always ready to be used as release notes.

Task tracking and status updates:

• Added a critical requirement to update task status immediately after each task is completed:
  • Mark the task as [X] in tasks.md and update the PR description checkbox for each completed task.
  • Updates must be made task-by-task, not at the end.
  • Provided guidance for using GitHub tools or gh pr edit to update the PR description, ensuring real-time visibility of task progress.

Pull request description management:

... (truncated)

Commits

• 1111791 🚀 [Feature]: Release-triggering file patterns now configurable via workflow i...
• 3ed96da 🩹 [Patch]: Framework-generated code coverage no longer penalizes module autho...
• 205d193 🪲 [Fix]: Super-linter can now post PR comment summaries (#308)
• 4343d76 🩹 [Patch]: Setup/teardown jobs no longer waste runner time when scripts are a...
• 645cb19 🩹 [Patch]: Workflow dependencies updated to latest versions (#298)
• b849acd 📖 [Docs]: Module dependency declaration using #Requires -Modules now document...
• 2fb6675 📖 [Docs]: Add best practices for shared test infrastructure (#285)
• 60bdf8a Bump super-linter/super-linter from 8.3.2 to 8.5.0 (#284)
• 84d7bac ⚙️ [Maintenance]: Add path filter and align Release workflow (#283)
• 2d403df ⚙️ [Maintenance]: Remove old spec-kit prompts, scripts, and templates (#281)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

No Significant Changes Detected

This PR does not contain changes to files that would trigger a new release:

Pattern	Description
^src/	Matches files where path matches this pattern
^README\.md$	Matches files where path matches this pattern

Build, test, and publish stages will be skipped for this PR.

If you believe this is incorrect, please verify that your changes are in the correct locations.

[github-actions]

Super-linter summary

Language	Validation result
BIOME_FORMAT	Fail ❌
BIOME_LINT	Pass ✅
CHECKOV	Pass ✅
GITHUB_ACTIONS	Pass ✅
GITHUB_ACTIONS_ZIZMOR	Fail ❌
GITLEAKS	Pass ✅
GIT_MERGE_CONFLICT_MARKERS	Pass ✅
JSCPD	Pass ✅
JSON	Pass ✅
JSON_PRETTIER	Fail ❌
MARKDOWN	Pass ✅
MARKDOWN_PRETTIER	Fail ❌
NATURAL_LANGUAGE	Pass ✅
POWERSHELL	Pass ✅
PRE_COMMIT	Pass ✅
SPELL_CODESPELL	Fail ❌
TRIVY	Pass ✅
YAML	Pass ✅
YAML_PRETTIER	Fail ❌

Super-linter detected linting errors

For more information, see the GitHub Actions workflow run

Powered by Super-linter

BIOME_FORMAT

Checked 1 file in 4ms. No fixes applied.
Found 1 error..github/linters/.jscpd.json format ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

  × Formatter would have printed the following content:

     1 1 │   {
     2   │ - ····"threshold":·0,
     3   │ - ····"reporters":·[
     4   │ - ········"consoleFull"
     5   │ - ····],
     6   │ - ····"ignore":·[
     7   │ - ········"**/tests/**"
     8   │ - ····],
     9   │ - ····"absolute":·true
       2 │ + → "threshold":·0,
       3 │ + → "reporters":·["consoleFull"],
       4 │ + → "ignore":·["**/tests/**"],
       5 │ + → "absolute":·true
    10 6 │   }
    11 7 │


format ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

  × Some errors were emitted while running checks.

GITHUB_ACTIONS_ZIZMOR

�[1m�[33mwarning[dependabot-cooldown]�[0m�[1m: insufficient cooldown in Dependabot updates�[0m
 �[1m�[94m--> �[0m/github/workspace/.github/dependabot.yml:8:5
  �[1m�[94m|�[0m
�[1m�[94m8�[0m �[1m�[94m|�[0m   - package-ecosystem: github-actions # See documentation for possible values
  �[1m�[94m|�[0m     �[1m�[33m^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^�[0m �[1m�[33mmissing cooldown configuration�[0m
  �[1m�[94m|�[0m
  �[1m�[94m= �[0m�[1mnote�[0m: audit confidence → High
  �[1m�[94m= �[0m�[1mnote�[0m: this finding has an auto-fix
  �[1m�[94m= �[0m�[1mhelp�[0m: audit documentation → �[32mhttps://docs.zizmor.sh/audits/#dependabot-cooldown�[39m

�[1m�[33mwarning[artipacked]�[0m�[1m: credential persistence through GitHub Actions artifacts�[0m
  �[1m�[94m--> �[0m/github/workspace/.github/workflows/Linter.yml:21:9
   �[1m�[94m|�[0m
�[1m�[94m21�[0m �[1m�[94m|�[0m         - name: Checkout repo
   �[1m�[94m|�[0m �[1m�[33m _________^�[0m
�[1m�[94m22�[0m �[1m�[94m|�[0m �[1m�[33m|�[0m         uses: actions/checkout@v4
�[1m�[94m23�[0m �[1m�[94m|�[0m �[1m�[33m|�[0m         with:
�[1m�[94m24�[0m �[1m�[94m|�[0m �[1m�[33m|�[0m           fetch-depth: 0
   �[1m�[94m|�[0m �[1m�[33m|________________________^�[0m �[1m�[33mdoes not set persist-credentials: false�[0m
   �[1m�[94m|�[0m
   �[1m�[94m= �[0m�[1mnote�[0m: audit confidence → Low
   �[1m�[94m= �[0m�[1mnote�[0m: this finding has an auto-fix
   �[1m�[94m= �[0m�[1mhelp�[0m: audit documentation → �[32mhttps://docs.zizmor.sh/audits/#artipacked�[39m

�[1m�[91merror[unpinned-uses]�[0m�[1m: unpinned action reference�[0m
  �[1m�[94m--> �[0m/github/workspace/.github/workflows/Linter.yml:22:15
   �[1m�[94m|�[0m
�[1m�[94m22�[0m �[1m�[94m|�[0m         uses: actions/checkout@v4
   �[1m�[94m|�[0m               �[1m�[91m^^^^^^^^^^^^^^^^^^^�[0m �[1m�[91maction is not pinned to a hash (required by blanket policy)�[0m
   �[1m�[94m|�[0m
   �[1m�[94m= �[0m�[1mnote�[0m: audit confidence → High
   �[1m�[94m= �[0m�[1mnote�[0m: this finding has an auto-fix
   �[1m�[94m= �[0m�[1mhelp�[0m: audit documentation → �[32mhttps://docs.zizmor.sh/audits/#unpinned-uses�[39m

�[1m�[91merror[unpinned-uses]�[0m�[1m: unpinned action reference�[0m
  �[1m�[94m--> �[0m/github/workspace/.github/workflows/Linter.yml:27:15
   �[1m�[94m|�[0m
�[1m�[94m27�[0m �[1m�[94m|�[0m         uses: super-linter/super-linter@latest
   �[1m�[94m|�[0m               �[1m�[91m^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^�[0m �[1m�[91maction is not pinned to a hash (required by blanket policy)�[0m
   �[1m�[94m|�[0m
   �[1m�[94m= �[0m�[1mnote�[0m: audit confidence → High
   �[1m�[94m= �[0m�[1mnote�[0m: this finding has an auto-fix
   �[1m�[94m= �[0m�[1mhelp�[0m: audit documentation → �[32mhttps://docs.zizmor.sh/audits/#unpinned-uses�[39m

�[1m�[91merror[unpinned-uses]�[0m�[1m: unpinned action reference�[0m
  �[1m�[94m--> �[0m/github/workspace/.github/workflows/Nightly-Run.yml:15:11
   �[1m�[94m|�[0m
�[1m�[94m15�[0m �[1m�[94m|�[0m     uses: PSModule/Process-PSModule/.github/workflows/CI.yml@v4
   �[1m�[94m|�[0m           �[1m�[91m^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^�[0m �[1m�[91maction is not pinned to a hash (required by blanket policy)�[0m
   �[1m�[94m|�[0m
   �[1m�[94m= �[0m�[1mnote�[0m: audit confidence → High
   �[1m�[94m= �[0m�[1mnote�[0m: this finding has an auto-fix
   �[1m�[94m= �[0m�[1mhelp�[0m: audit documentation → �[32mhttps://docs.zizmor.sh/audits/#unpinned-uses�[39m

�[1m�[91merror[unpinned-uses]�[0m�[1m: unpinned action reference�[0m
  �[1m�[94m--> �[0m/github/workspace/.github/workflows/Process-PSModule.yml:29:11
   �[1m�[94m|�[0m
�[1m�[94m29�[0m �[1m�[94m|�[0m     uses: PSModule/Process-PSModule/.github/workflows/workflow.yml@v5
   �[1m�[94m|�[0m           �[1m�[91m^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^�[0m �[1m�[91maction is not pinned to a hash (required by blanket policy)�[0m
   �[1m�[94m|�[0m
   �[1m�[94m= �[0m�[1mnote�[0m: audit confidence → High
   �[1m�[94m= �[0m�[1mnote�[0m: this finding has an auto-fix
   �[1m�[94m= �[0m�[1mhelp�[0m: audit documentation → �[32mhttps://docs.zizmor.sh/audits/#unpinned-uses�[39m

�[32m17�[39m findings (�[1m�[93m11�[39m suppressed, �[92m6�[39m fixable�[0m): �[35m0�[39m informational, �[36m0�[39m low, �[33m2�[39m medium, �[31m4�[39m high🌈 zizmor v1.22.0
�[32m INFO�[0m �[1maudit�[0m�[2m:�[0m �[2mzizmor�[0m�[2m:�[0m 🌈 completed /github/workspace/.github/dependabot.yml
�[32m INFO�[0m �[1maudit�[0m�[2m:�[0m �[2mzizmor�[0m�[2m:�[0m 🌈 completed /github/workspace/.github/workflows/Linter.yml
�[32m INFO�[0m �[1maudit�[0m�[2m:�[0m �[2mzizmor�[0m�[2m:�[0m 🌈 completed /github/workspace/.github/workflows/Nightly-Run.yml
�[32m INFO�[0m �[1maudit�[0m�[2m:�[0m �[2mzizmor�[0m�[2m:�[0m 🌈 completed /github/workspace/.github/workflows/Process-PSModule.yml

JSON_PRETTIER

Checking formatting...[�[33mwarn�[39m] .github/linters/.jscpd.json
[�[33mwarn�[39m] Code style issues found in the above file. Run Prettier with --write to fix.

MARKDOWN_PRETTIER

Checking formatting...[�[33mwarn�[39m] README.md
[�[33mwarn�[39m] Code style issues found in the above file. Run Prettier with --write to fix.

SPELL_CODESPELL

/github/workspace/.github/linters/.textlintrc:491: environemnt ==> environment
/github/workspace/.github/linters/.textlintrc:499: pacakge ==> package

YAML_PRETTIER

Checking formatting...[�[33mwarn�[39m] .github/workflows/Nightly-Run.yml
[�[33mwarn�[39m] .github/linters/.markdown-lint.yml
[�[33mwarn�[39m] .github/mkdocs.yml
[�[33mwarn�[39m] .github/release.yml
[�[33mwarn�[39m] Code style issues found in 4 files. Run Prettier with --write to fix.

[dependabot]

Looks like PSModule/Process-PSModule/.github/workflows/workflow.yml is up-to-date now, so this is no longer needed.