v5.3.4

Bump actions/download-artifact from 5 to 6 (#236)

Bumps actions/download-artifact from 5 to 6.

Release notes

Sourced from actions/download-artifact's releases.

v6.0.0

What's Changed

BREAKING CHANGE: this update supports Node v24.x. This is not a breaking change per-se but we're treating it as such.

• Update README for download-artifact v5 changes by @​yacaovsnc in actions/download-artifact#417
• Update README with artifact extraction details by @​yacaovsnc in actions/download-artifact#424
• Readme: spell out the first use of GHES by @​danwkennedy in actions/download-artifact#431
• Bump @actions/artifact to v4.0.0
• Prepare v6.0.0 by @​danwkennedy in actions/download-artifact#438

New Contributors

• @​danwkennedy made their first contribution in actions/download-artifact#431

Full Changelog: actions/download-artifact@v5...v6.0.0

Commits

• 018cc2c Merge pull request #438 from actions/danwkennedy/prepare-6.0.0
• 815651c Revert "Remove github.dep.yml"
• bb3a066 Remove github.dep.yml
• fa1ce46 Prepare v6.0.0
• 4a24838 Merge pull request #431 from danwkennedy/patch-1
• 5e3251c Readme: spell out the first use of GHES
• abefc31 Merge pull request #424 from actions/yacaovsnc/update_readme
• ac43a60 Update README with artifact extraction details
• de96f46 Merge pull request #417 from actions/yacaovsnc/update_readme
• 7993cb4 Remove migration guide for artifact download changes
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

v5.3.3

Bump actions/upload-artifact from 4 to 5 (#235)

Bumps actions/upload-artifact from 4 to 5.

Release notes

Sourced from actions/upload-artifact's releases.

v5.0.0

What's Changed

BREAKING CHANGE: this update supports Node v24.x. This is not a breaking change per-se but we're treating it as such.

• Update README.md by @​GhadimiR in actions/upload-artifact#681
• Update README.md by @​nebuk89 in actions/upload-artifact#712
• Readme: spell out the first use of GHES by @​danwkennedy in actions/upload-artifact#727
• Update GHES guidance to include reference to Node 20 version by @​patrikpolyak in actions/upload-artifact#725
• Bump @actions/artifact to v4.0.0
• Prepare v5.0.0 by @​danwkennedy in actions/upload-artifact#734

New Contributors

• @​GhadimiR made their first contribution in actions/upload-artifact#681
• @​nebuk89 made their first contribution in actions/upload-artifact#712
• @​danwkennedy made their first contribution in actions/upload-artifact#727
• @​patrikpolyak made their first contribution in actions/upload-artifact#725

Full Changelog: actions/upload-artifact@v4...v5.0.0

v4.6.2

What's Changed

• Update to use artifact 2.3.2 package & prepare for new upload-artifact release by @​salmanmkc in actions/upload-artifact#685

New Contributors

• @​salmanmkc made their first contribution in actions/upload-artifact#685

Full Changelog: actions/upload-artifact@v4...v4.6.2

v4.6.1

What's Changed

• Update to use artifact 2.2.2 package by @​yacaovsnc in actions/upload-artifact#673

Full Changelog: actions/upload-artifact@v4...v4.6.1

v4.6.0

What's Changed

• Expose env vars to control concurrency and timeout by @​yacaovsnc in actions/upload-artifact#662

Full Changelog: actions/upload-artifact@v4...v4.6.0

v4.5.0

What's Changed

• fix: deprecated Node.js version in action by @​hamirmahal in actions/upload-artifact#578
• Add new artifact-digest output by @​bdehamer in actions/upload-artifact#656

New Contributors

• @​hamirmahal made their first contribution in actions/upload-artifact#578

... (truncated)

Commits

• 330a01c Merge pull request #734 from actions/danwkennedy/prepare-5.0.0
• 03f2824 Update github.dep.yml
• 905a1ec Prepare v5.0.0
• 2d9f9cd Merge pull request #725 from patrikpolyak/patch-1
• 9687587 Merge branch 'main' into patch-1
• 2848b2c Merge pull request #727 from danwkennedy/patch-1
• 9b51177 Spell out the first use of GHES
• cd231ca Update GHES guidance to include reference to Node 20 version
• de65e23 Merge pull request #712 from actions/nebuk89-patch-1
• 8747d8c Update README.md
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

v5.3.2

Bump super-linter/super-linter from 8.2.0 to 8.2.1 (#234)

Bumps super-linter/super-linter from 8.2.0 to 8.2.1.

Release notes

Sourced from super-linter/super-linter's releases.

v8.2.1

8.2.1 (2025-10-15)

🐛 Bugfixes

• biome ignore errors on unmatched files (#7089) (8d1cfd5)
• handle pull_request_target (#7088) (188a10f)
• handle schedule and workflow_dispatch events (#7098) (28cb079), closes #7095
• set CONFLICT_FOUND as expected (#7093) (07cfe7e), closes #7092
• strip workspace from the regex check path (#7110) (3b72a2d), closes #7086
• validate DEFAULT_BRANCH when using find (#7119) (7508f4c), closes #7117

⬆️ Dependency updates

• docker: bump the docker group with 2 updates (#7100) (28c5681)
• npm: bump eslint from 9.36.0 to 9.37.0 in /dependencies (#7102) (cf6cb1e)
• npm: bump renovate from 41.132.2 to 41.136.0 in /dependencies (#7107) (495692f)
• npm: bump the eslint-plugins-configs group across 1 directory with 2 updates (#7101) (b3a735d)
• npm: bump the npm group across 1 directory with 4 updates (#7108) (ce227b3)
• npm: bump typescript (#7109) (deba11c)
• python: bump the pip group across 1 directory with 7 updates (#7106) (7c02a56)

🧰 Maintenance

• add missing ruff variables to readme (#7091) (7daeceb), closes #7099
• explain who ignores VALIDATE_ALL_CODEBASE (#7111) (9150eb9), closes #7090
• github-actions: bump peter-evans/create-issue-from-file (#7103) (ec80a77)
• update rack to 3.2.3 (#7136) (2e6ad3d)
• update ruby transitive dependencies (#7115) (00a71f6)

Changelog

Sourced from super-linter/super-linter's changelog.

Changelog

8.2.1 (2025-10-15)

🐛 Bugfixes

• biome ignore errors on unmatched files (#7089) (8d1cfd5)
• handle pull_request_target (#7088) (188a10f)
• handle schedule and workflow_dispatch events (#7098) (28cb079), closes #7095
• set CONFLICT_FOUND as expected (#7093) (07cfe7e), closes #7092
• strip workspace from the regex check path (#7110) (3b72a2d), closes #7086
• validate DEFAULT_BRANCH when using find (#7119) (7508f4c), closes #7117

⬆️ Dependency updates

• docker: bump the docker group with 2 updates (#7100) (28c5681)
• npm: bump eslint from 9.36.0 to 9.37.0 in /dependencies (#7102) (cf6cb1e)
• npm: bump renovate from 41.132.2 to 41.136.0 in /dependencies (#7107) (495692f)
• npm: bump the eslint-plugins-configs group across 1 directory with 2 updates (#7101) (b3a735d)
• npm: bump the npm group across 1 directory with 4 updates (#7108) (ce227b3)
• npm: bump typescript (#7109) (deba11c)
• python: bump the pip group a...

v5.3.1

🩹 [Patch]: Encode all PowerShell files using UTF8 with BOM (#231)

Description

This pull request updates several PowerShell script files across the project. The main change is the addition of a Unicode Byte Order Mark (BOM) at the beginning of each file, which can help ensure proper encoding and compatibility, especially on Windows systems. No functional code changes have been made.

v5.3.0

🚀[Feature]: Use local PSScriptAnalyzer files (#228)

The workflow now uses Invoke-ScriptAnalyzer@v4, enabling automatic discovery of local PSScriptAnalyzer configuration files. This allows projects to maintain custom linting rules in their repository without requiring centralized settings management. The upgrade also streamlines workflow configuration by removing deprecated parameters and improving checkout efficiency.

Updated to PSScriptAnalyzer v4

Upgraded the PSModule/Invoke-ScriptAnalyzer action from v3 to v4 in linting workflows (Lint-SourceCode.yml and Test-Module.yml). This version automatically discovers and uses local .powershell-psscriptanalyzer.psd1 configuration files from the .github/linters/ directory, providing better support for repository-specific linting rules.

Removed Deprecated Settings Parameter

The Settings parameter has been removed from both Lint-SourceCode and Lint-Module workflow steps. PSScriptAnalyzer now automatically discovers local configuration files, eliminating the need to explicitly specify settings profiles.

Workflow Configuration Improvements

• Added a Checkout repository step to the Lint-Module job to ensure the codebase (including local configuration files) is available before linting
• Removed fetch-depth: 0 from checkout steps to use shallow clones, reducing workflow execution time
• Removed unused Name parameter from test workflow

Custom Linting Configuration Support

Added a .powershell-psscriptanalyzer.psd1 configuration file in the test repository (tests/srcWithManifestTestRepo/.github/linters/) demonstrating how projects can define custom code style rules, including formatting preferences, line length limits, and rule exclusions.

v5.2.1

📖Docs: Update README.md with new use cases (#227)

Description

This pull request updates the workflow configuration in the README.md to enhance automation and permissions, and to use the latest workflow version. The most important changes are:

Workflow triggers and scheduling:

• Added workflow_dispatch and a nightly scheduled run (cron: '0 0 * * *') to allow manual and automated executions of the workflow.

Permissions:

• Expanded required permissions to include statuses, pages, and id-token in addition to contents and pull-requests.

Workflow version:

• Updated the referenced workflow from version v2 to v5 for the Process-PSModule job.

v5.2.0

🚀[Feature]: Linting and Documentation Improvements with Conditional Summary Option (#226)

This pull request introduces improvements to the linting workflows and documentation, adds new configuration options for linter summary reporting, and updates test scripts for better visibility. The main focus is on allowing users to optionally display the super-linter summary even when no issues are found, and on clarifying documentation and prompts related to repository operations.

Workflow and Linter Enhancements:

• Added ShowSummaryOnSuccess option for both documentation and codebase linting workflows, allowing the super-linter summary to be displayed even on successful runs. Updated the workflows to post the summary conditionally based on this setting. (.github/workflows/Build-Docs.yml, .github/workflows/workflow.yml, [1] [2] [3] [4] [5]
• Extended the settings parsing logic to support the new ShowSummaryOnSuccess option for both Build.Docs and Linter configurations. (.github/workflows/Get-Settings.yml, [1] [2]

Documentation Updates:

• Updated README.md to document the new ShowSummaryOnSuccess options for both documentation and linter workflows, including example configuration and explanation of its usage. (README.md, [1] [2] [3] [4] [5]
• Added a new section to .github/copilot-instructions.md for process-related Copilot instructions.

Prompt and Command Improvements:

• Clarified execution steps in .github/prompts/pr.prompt.md to specify changing directory to the root of the attached git folder, and updated references to GitHub MCP tool commands to use simplified names. [1] [2]

Test Script Output Improvements:

• Changed test setup and teardown scripts (BeforeAll.ps1, AfterAll.ps1) in both test repositories to use Write-Warning instead of Write-Host for better visibility of important messages. (tests/srcTestRepo/tests/BeforeAll.ps1, [1] [2]; tests/srcTestRepo/tests/AfterAll.ps1, [3] [4]; tests/srcWithManifestTestRepo/tests/BeforeAll.ps1, [5]; tests/srcWithManifestTestRepo/tests/AfterAll.ps1, [6]

v5.1.2

🩹 [Docs]: Add suppressing output guidance to PowerShell style guidelines (#225)

The PowerShell style guidelines now include comprehensive guidance on suppressing unwanted output from commands and methods. This addition helps developers choose the most performant approach when they need to discard function or method return values.

• Fixes #224

Suppressing Output Section

A new section has been added to the PowerShell style guidelines (pwsh.instructions.md) that provides clear guidance on:

• Using $null = for best performance - The recommended approach for suppressing output from both cmdlets and .NET method calls
• Using [void] as an alternative - Another valid option specifically for method calls that return values
• Avoiding | Out-Null - Explicitly noting that this approach has significantly slower performance and should be avoided

The section includes practical examples showing both correct and incorrect usage patterns, making it easy for developers to follow the best practices.

Performance Impact

This guidance is especially important in performance-critical code and loops, where the overhead of | Out-Null can accumulate and cause noticeable slowdowns. By using $null = or [void], developers can ensure their scripts run efficiently.

v5.1.1

🩹[Patch]: Test issue with break on :q! (#220)

Description

This pull request makes a minor documentation update to the Set-PSModuleTest.ps1 script by adding a .NOTES section with author, date, and version information.

#219

v5.1.0

🚀 [Feature]: Add settings control of repository linter (#218)

The workflow now provides fine-grained control over repository linting behavior through simple configuration options. You can disable the linter entirely or customize which validations run by configuring super-linter environment variables directly in your settings file, giving you full control over code quality checks without modifying workflow files.

• Fixes #217

Linter Configuration

Added two new settings to control repository linting behavior:

• Linter.Skip: Completely disable repository linting when set to true
• Linter.env: Configure super-linter environment variables to customize which validations run

What you need to do: Add these settings to your .github/PSModule.yml file as needed.

Disable the linter completely

Linter:
  Skip: true

Customize specific validations

Linter:
  env:
    VALIDATE_BIOME_FORMAT: false
    VALIDATE_JSCPD: false
    VALIDATE_JSON_PRETTIER: false

Advanced configuration

Linter:
  env:
    LOG_LEVEL: DEBUG
    FILTER_REGEX_EXCLUDE: '.*test.*'

See the super-linter environment variables documentation for all available options.