Releases: PSModule/Process-PSModule
Release list
v5.5.9
🪲 [Fix]: Restore correct release versioning in the publish pipeline (#363)
The module publishing pipeline once again calculates and stamps the real release version before publishing, so consumer releases are versioned and tagged correctly instead of shipping the build-time placeholder. This reverts the premature Publish-PSModule major upgrade that left main in an inconsistent state.
- Relates to #326 (move version calculation ahead of the build step)
- Contains the regression introduced by #358
Fixed: Releases are versioned correctly again
Publish-PSModule is pinned back to v2.2.4, which calculates the release version (from labels and tags) and stamps it into the module manifest at publish time. On main, Build-PSModule (v4) only stamps a 999.0.0 placeholder and does not compute the real version, and Publish-PSModule v3.0.0 is publish-only — it expects the manifest to already carry the final version. With v3.0.0 in place, nothing in the pipeline computed the real version, so a real consumer release would have published and tagged 999.0.0. Reverting to v2.2.4 restores the fully consistent old pipeline: Get-Settings → Build (v4, 999.0.0) → Publish (v2.2.4, calculates + stamps).
Only the Publish-PSModule pin is reverted. The other action bumps from #358 (actions/checkout v7.0.0, super-linter v8.7.0) are left in place.
Technical Details
.github/workflows/Publish-Module.yml:PSModule/Publish-PSModulepin reverted03c0f8b… # v3.0.0→8917aed… # v2.2.4. This is the exact pin #358 replaced; nowith:inputs changed — v2.2.4 consumes the version-calculation inputs the workflow already passes, whereas v3.0.0 silently ignored them..github/workflows/Publish-Module.yml: normalized theAPIKeyaction input fromsecrets.APIKEYtosecrets.APIKeyto match theAPIKeysecret declaration and the other workflows (workflow.yml,Workflow-Test-*.yml). GitHub Actions secret names are case-insensitive, so this is a consistency-only change with no behavioral effect (flagged during Copilot review).- This is step 1 (containment) of #326. Follow-ups: release
Resolve-PSModuleVersionwith the #348 fix, then rebase and land PR #342 (Plan job + Build v5 + publish-only Publish) and re-pin the first-party actions together.
v5.5.8
[Patch]: Update GitHub Actions dependencies to latest pinned versions (#358)
Consolidates the currently-passing Dependabot GitHub Actions updates into one change, so the pipeline moves to the latest action versions in a single release instead of separate bumps. It also configures Dependabot to group future GitHub Actions updates into one pull request, so this consolidated form happens automatically from now on.
Superseded Dependabot PRs: #351, #353, #354, #355 — Dependabot closes these automatically once this merges.
⚠️ Build-PSModule v5.0.0 (#350) is intentionally excluded. v5 makesmoduleVersiona required input, which the currentBuild-Module.ymldoes not provide, so it fails CI (6 checks on #350's own PR too). Adopting it needs the "decide version before build" work in #342 and should ship with/after that PR. #350 stays open to track it.
Updated GitHub Actions
| Action | From | To | Bump |
|---|---|---|---|
| actions/checkout | v6.0.2 | v7.0.0 | Major |
| PSModule/Publish-PSModule | v2.2.4 | v3.0.0 | Major |
| super-linter/super-linter | v8.6.0 | v8.7.0 | Minor |
| super-linter/super-linter/slim | v8.6.0 | v8.7.0 | Minor |
This bundle includes two major action upgrades, so it is labelled Major and cuts a major release of Process-PSModule on merge.
Changed: Dependabot groups GitHub Actions updates
.github/dependabot.yml now groups all github-actions updates into a single grouped pull request via a groups block. The github_actions label is also corrected — it was github-actions, which does not match the repository label and was silently dropped by Dependabot.
Technical Details
-
Each bump is a cherry-pick of the original Dependabot commit, preserving authorship and the
Bump X from A to Bmessages for a clean linear history. -
All bumps touch only
uses:pins under.github/workflows/; no logic changes. -
Dependabot grouping added:
groups: github-actions: patterns: - "*"
This groups every GitHub Actions ecosystem update (all semver levels) into one PR. To keep major bumps as separate PRs for individual review, add
update-types: ["minor", "patch"]under the group — majors then continue to open on their own. -
No linked issue: this is Dependabot-driven maintenance; the superseded PRs above are the traceability.
v5.5.7
Bump PSModule/GitHub-Script from 1.7.10 to 1.8.0 (#346)
Bumps PSModule/GitHub-Script from 1.7.10 to 1.8.0.
Release notes
Sourced from PSModule/GitHub-Script's releases.
v1.8.0
🚀 [Minor]: GitHub API rate limit details now available in action logs (#89)
GitHub API rate limit consumption is now visible directly in the action logs. When enabled, rate limit details - including remaining quota, limit, used count, and reset time for all resource categories - are displayed before and after the user script runs, making it easy to see exactly how many API calls a workflow step consumed.
- Fixes #88
New: Rate limit visibility in action logs
A new
ShowRateLimitinput (default:'false') controls whether rate limit information appears in the logs. When set to'true', a Rate Limits LogGroup appears inside the Info fence before the user script, and another Rate Limits LogGroup appears inside the Outputs fence after it.- uses: PSModule/GitHub-Script@v1 with: ShowRateLimit: 'true' Script: | Get-GitHubRepository -Owner PSModule -Name GitHub-ScriptThe output includes a formatted table of all resource categories returned by
Get-GitHubRateLimit(core, search, graphql, etc.), each showingLimit,Used,Remaining,ResetsAt, andResetsIn.When the input is omitted or set to
'false'(the default), no rate limit output appears.If
ShowRateLimitis enabled butShowInfoorShowOutputis off, the corresponding fence still renders with just the rate limit content inside. For auth types that do not supportGet-GitHubRateLimit(for example GitHub App contexts), a warning is shown instead of failing.Technical Details
- Added
ShowRateLimitinput toaction.ymlwithrequired: falseanddefault: 'false'.- Added
PSMODULE_GITHUB_SCRIPT_INPUT_ShowRateLimitenvironment variable to the composite step.- Created
src/ratelimit.ps1as a helper script (no fence borders) that checks the guard and renders a singleRate LimitsLogGroup.src/ratelimit.ps1now callsGet-GitHubRateLimit -ErrorAction Stopso non-terminating errors are caught reliably in unsupported auth contexts.src/ratelimit.ps1explicitly selectsName,Limit,Used,Remaining,ResetsAt, andResetsInbefore formatting to keep columns deterministic.- Modified
src/info.ps1: adjusted the early-return guard to also considerShowRateLimit, wrapped existing LogGroups inif ($showInfo), and callsratelimit.ps1before the fence close.- Modified
src/outputs.ps1: adjusted the early-return guard to also considerShowRateLimit, wrapped existing output LogGroups inif ($result), and callsratelimit.ps1before the fence close.- The
action.ymlrun block remains in the same flow, whileinfo.ps1andoutputs.ps1invoke the helper internally.- Enabled
ShowRateLimit: trueacross all Action-Test scenarios in.github/workflows/TestWorkflow.yml, including Basic, WithScript path variants, Commands + Outputs, Matrix Creator, WithoutToken, WithPAT, WithUserFGPAT, WithOrgFGPAT, GitHubAppEnt, GitHubAppOrg + quoted inputs, WithKeyVaultKeyReference, WithKeyVaultKeyReferenceLatest, and PreserveCredentials False.
Commits
1ee97bb🚀 [Minor]: GitHub API rate limit details now available in action logs (#89)8649c46Bump azure/login from 2.3.0 to 3.0.0 (#86)e3b0111⚙️ [Maintenance]: Add afterall to codespell ignore words list (#85)2d8efc6Bump super-linter/super-linter from 8.4.0 to 8.5.0 (#84)611c5dc⚙️ [Maintenance]: Update super-linter to v8.4.0 (#83)99556fc⚙️ [Maintenance]: Align workflows across action repositories (#82)- See full diff in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
v5.5.6
Bump PSModule/Build-PSModule from 4.0.14 to 4.0.15 (#345)
Bumps PSModule/Build-PSModule from 4.0.14 to 4.0.15.
Release notes
Sourced from PSModule/Build-PSModule's releases.
v4.0.15
Bump actions/upload-artifact from 7.0.0 to 7.0.1 (#134)
Bumps actions/upload-artifact from 7.0.0 to 7.0.1.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
... (truncated)
Commits
3b368feBump actions/upload-artifact from 7.0.0 to 7.0.1 (#134)- See full diff in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
v5.5.5
Bump PSModule/Invoke-Pester from 4.2.4 to 4.2.5 (#344)
Bumps PSModule/Invoke-Pester from 4.2.4 to 4.2.5.
Release notes
Sourced from PSModule/Invoke-Pester's releases.
v4.2.5
Bump actions/upload-artifact from 7.0.0 to 7.0.1 (#63)
Bumps actions/upload-artifact from 7.0.0 to 7.0.1.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
... (truncated)
Commits
266d1cfBump actions/upload-artifact from 7.0.0 to 7.0.1 (#63)- See full diff in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
v5.5.4
Bump actions/upload-pages-artifact from 4.0.0 to 5.0.0 (#340)
Bumps actions/upload-pages-artifact from 4.0.0 to 5.0.0.
Release notes
Sourced from actions/upload-pages-artifact's releases.
v5.0.0
Changelog
- Update upload-artifact action to version 7
@Tom-van-Woudenberg(#139)- feat: add
include-hidden-filesinput@jonchurch(#137)See details of all code changes since previous release.
Commits
fc324d3Merge pull request #139 from Tom-van-Woudenberg/patch-1fe9d4b7Merge branch 'main' into patch-10ca1617Merge pull request #137 from jonchurch/include-hidden-files57f0e84Update action.yml4a90348v7 --> hash56f665aUpdate upload-artifact action to version 7f7615f5Addinclude-hidden-filesinput- See full diff in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
v5.5.3
Bump actions/upload-artifact from 7.0.0 to 7.0.1 (#341)
Bumps actions/upload-artifact from 7.0.0 to 7.0.1.
Release notes
Sourced from actions/upload-artifact's releases.
v7.0.1
What's Changed
- Update the readme with direct upload details by
@danwkennedyin actions/upload-artifact#795- Readme: bump all the example versions to v7 by
@danwkennedyin actions/upload-artifact#796- Include changes in typespec/ts-http-runtime 0.3.5 by
@yacaovsncin actions/upload-artifact#797Full Changelog: actions/upload-artifact@v7...v7.0.1
Commits
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
v5.5.2
🩹 [Patch]: Bump PSModule/Publish-PSModule to v2.2.4 (#312)
The module publishing workflow now uses the latest PSModule/Publish-PSModule action release, so publish jobs run with the newest patch-level fixes while keeping the same workflow behavior.
Changed: Module publishing dependency
The Publish-Module.yml reusable workflow now references PSModule/Publish-PSModule v2.2.4 (pinned by commit SHA) instead of v2.2.3.
- name: Publish module
uses: PSModule/Publish-PSModule@8917aed588dae1bd1aa2873b1caec1c50c20d255 # v2.2.4No workflow inputs or invocation patterns changed for consumers.
Technical Details
- Updated one dependency reference in
.github/workflows/Publish-Module.yml. - The action remains SHA-pinned with a version comment for traceability and supply-chain integrity.
v5.5.1
🩹 [Patch]: Reusable workflow dependencies updated (#332)
Reusable workflow dependencies are now updated to newer pinned versions, improving reliability and consistency across repository automation while preserving existing workflow behavior.
Changed: Reusable workflow dependency versions
The repository workflows now use updated pinned versions of key GitHub Actions and PSModule actions. All references remain SHA-pinned with version comments, keeping the same security model while applying dependency updates.
Technical Details
Updated action pins in .github/workflows/Build-Docs.yml, .github/workflows/Build-Site.yml, .github/workflows/Lint-Repository.yml, .github/workflows/Lint-SourceCode.yml, .github/workflows/Linter.yml, .github/workflows/Publish-Site.yml, .github/workflows/Test-Module.yml, and .github/workflows/Test-ModuleLocal.yml. Changes include actions/download-artifact (v8.0.1), actions/deploy-pages (v5.0.0), actions/configure-pages (v6.0.0), PSModule/Invoke-ScriptAnalyzer (v4.1.3), and super-linter/super-linter (v8.6.0).
v5.5.0
🚀 [Feature]: Release-triggering file patterns now configurable via workflow input (#301)
Repositories can now control which file changes trigger build, test, and publish stages by configuring the ImportantFilePatterns workflow input or settings file property. The default patterns (^src/ and ^README\.md$) remain unchanged for backward compatibility.
- Fixes #278
New: Configurable release-triggering file patterns
The ImportantFilePatterns input is now available on the workflow.yml and Get-Settings.yml reusable workflows. Pass a newline-separated list of regex patterns to override the defaults:
jobs:
Process:
uses: PSModule/Process-PSModule/.github/workflows/workflow.yml@v5
with:
ImportantFilePatterns: |
^src/
^README\.md$
^examples/To disable file-change triggering entirely, pass an empty string via the workflow input or set an empty list in .github/PSModule.yml:
# In .github/PSModule.yml
ImportantFilePatterns: []Resolution order: settings file → workflow input → workflow input default values.
Changed: PR comment reflects configured patterns
The automated comment posted on PRs when no important files are changed now dynamically lists the configured patterns instead of a hardcoded table.
Technical Details
- Added
ImportantFilePatternsinput (type:string, newline-separated) to both.github/workflows/workflow.ymland.github/workflows/Get-Settings.ymlwith explicit defaults (^src/and^README\.md$). - Bumped
Get-PSModuleSettingsaction reference fromv1.4.4tov1.5.0which implements the settings file and action input support for this feature. - Passed
ImportantFilePatternsinput through the reusable workflow chain to theGet-PSModuleSettingsaction step. - Updated README documentation: new input in the workflow inputs table, new "Customizing important file patterns" section with YAML examples, updated settings file reference and example schema.