🩹[Patch]: Workflow improvements (#18)

This release primarily updates and improves the workflows, focusing on
enhanced security, reliability, and maintainability. Key changes include
pinning all GitHub Action dependencies to specific commit SHAs, updating
and renaming the release workflow, removing unused linter configuration,
and refining scheduling and validation settings.

**Workflow and Dependency Management Improvements:**

* All GitHub Actions in workflow files (`Action-Test.yml`, `Linter.yml`,
`Release.yml`) are now pinned to specific commit SHAs for improved
security and reproducibility.
* The release workflow was renamed from
`.github/workflows/Auto-Release.yml` to `.github/workflows/Release.yml`,
with corresponding job and step name updates, and now uses the
`PSModule/Release-GHRepository` action instead of
`PSModule/Auto-Release`.
* The release workflow now triggers on `pull_request` events (instead of
`pull_request_target`), and is further scoped to only run when files in
`action.yml` or `src/**` are changed.

**Linter and Validation Configuration:**

* The unused `.github/linters/.jscpd.json` configuration file was
removed, and JSCPD validation is now explicitly disabled in the linter
workflow.
* Additional linter validations (such as `VALIDATE_BIOME_FORMAT`) are
now disabled to streamline linting.

**Scheduling and Workflow Behavior:**

* Dependabot update checks are now scheduled to run daily (instead of
weekly), with a 7-day cooldown between updates.

**Other Improvements:**

* Minor improvements to the `action.yml` metadata, including a clearer
description and updating the script path for the main PowerShell script.

Author: MariusStorhaug

.github/dependabot.yml

@@ -11,4 +11,6 @@ updates:
       - dependencies
       - github-actions
     schedule:
-      interval: weekly
+      interval: daily
+    cooldown:
+      default-days: 7

.github/linters/.jscpd.json

@@ -23,11 +23,13 @@ jobs:
     steps:
       # Need to check out as part of the test, as its a local action
       - name: Checkout repo
-        uses: actions/checkout@v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+        with:
+          persist-credentials: false
 
       - name: Get issue file content
         id: GetIssueFileContent
-        uses: PSModule/GitHub-Script@v1
+        uses: PSModule/GitHub-Script@0097f3bbe3f413f3b577b9bcc600727b0ca3201a # v1.7.10
         with:
           ShowOutput: true
           Script: |
@@ -40,6 +42,6 @@ jobs:
           IssueBody: ${{ fromJson(steps.GetIssueFileContent.outputs.result).issueFileContent }}
 
       - name: Action-Test-Results
-        uses: PSModule/Invoke-Pester@v4
+        uses: PSModule/Invoke-Pester@882994cbe1ff07c3fc8afdac52404c940f99b331 # v4.2.2
         env:
           data: ${{ steps.Action-Test.outputs.data }}

.github/workflows/Action-Test.yml

@@ -19,14 +19,17 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repo
-        uses: actions/checkout@v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           fetch-depth: 0
+          persist-credentials: false
 
       - name: Lint code base
-        uses: super-linter/super-linter@latest
+        uses: super-linter/super-linter@d5b0a2ab116623730dd094f15ddc1b6b25bf7b99 # v8.3.2
         env:
           GITHUB_TOKEN: ${{ github.token }}
+          VALIDATE_BIOME_FORMAT: false
+          VALIDATE_JSCPD: false
           VALIDATE_JSON_PRETTIER: false
           VALIDATE_MARKDOWN_PRETTIER: false
           VALIDATE_YAML_PRETTIER: false

.github/workflows/Linter.yml

@@ -1,9 +1,9 @@
-name: Auto-Release
+name: Release
 
-run-name: "Auto-Release - [${{ github.event.pull_request.title }} #${{ github.event.pull_request.number }}] by @${{ github.actor }}"
+run-name: "Release - [${{ github.event.pull_request.title }} #${{ github.event.pull_request.number }}] by @${{ github.actor }}"
 
 on:
-  pull_request_target:
+  pull_request:
     branches:
       - main
     types:
@@ -12,6 +12,9 @@ on:
       - reopened
       - synchronize
       - labeled
+    paths:
+      - 'action.yml'
+      - 'src/**'
 
 concurrency:
   group: ${{ github.workflow }}-${{ github.ref }}
@@ -22,13 +25,15 @@ permissions:
   pull-requests: write # Required to create comments on the PRs
 
 jobs:
-  Auto-Release:
+  Release:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout Code
-        uses: actions/checkout@v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+        with:
+          persist-credentials: false
 
-      - name: Auto-Release
-        uses: PSModule/Auto-Release@v1
+      - name: Release
+        uses: PSModule/Release-GHRepository@88c70461c8f16cc09682005bcf3b7fca4dd8dc1a # v2.0.1
         env:
           GITHUB_TOKEN: ${{ github.token }}

.github/workflows/Auto-Release.yml .github/workflows/Release.yml.github/workflows/Auto-Release.yml renamed to .github/workflows/Release.yml

@@ -1,5 +1,5 @@
 name: Get-IssueFormData
-description: Get the data from a issue that was generated based on a issue form
+description: Get the data from an issue that was generated based on an issue form
 author: PSModule
 branding:
   icon: upload-cloud
@@ -21,12 +21,12 @@ runs:
   steps:
     - name: Get-IssueFormData
       id: Get-IssueFormData
-      uses: PSModule/GitHub-Script@v1
+      uses: PSModule/GitHub-Script@0097f3bbe3f413f3b577b9bcc600727b0ca3201a # v1.7.10
       env:
         GITHUB_ACTION_INPUT_IssueBody: ${{ inputs.IssueBody }}
       with:
         Token: ''
         ShowOutput: true
         Script: |
           # Get-IssueFormData
-          ${{ github.action_path }}/scripts/main.ps1
+          ${{ github.action_path }}/src/main.ps1