Skip to content

v4.0.10

Choose a tag to compare

View all tags
@github-actions github-actions released this 25 Jan 21:17
· 4 commits to main since this release
v4.0.10
ae0ad1b
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

🩹 [Patch]: Standardize workflows with SHA pinning and daily Dependabot (#123)

Improves dependency management by configuring Dependabot to check daily while preventing excessive update noise through a 7-day cooldown period. This ensures timely security updates while reducing PR churn.

  • Related to PSModule workflow standardization

Dependabot configuration

Changed the update schedule from weekly to daily with a 7-day cooldown period. This provides faster detection of security vulnerabilities while avoiding duplicate PRs for the same dependency within a week.

schedule:
  interval: daily
cooldown:
  default-days: 7

Release configuration cleanup

Removed the deprecated .github/release.yml file as release notes are now managed through the Auto-Release action's automated process.

Action pinning

Pinned all GitHub Actions to specific commit SHAs for improved security and reproducibility:

  • actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd (v6.0.2)
  • actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 (v5.0.0)
  • super-linter/super-linter@d5b0a2ab116623730dd094f15ddc1b6b25bf7b99 (v8.3.2)
  • PSModule/Auto-Release@eabd533035e2cb9822160f26f2eda584bd012356 (v1.9.5)
  • PSModule/Install-PSModuleHelpers@d60d63e4be477d1ca0c67c6085101fb109bce8f1 (v1.0.6)
Assets 2
Loading