🩹[Patch]: Workflow improvements (#106)

This release makes several updates to the project's GitHub workflows and
configuration files, focusing on improving reliability, security, and
maintainability. Key changes include pinning GitHub Action dependencies
to specific commit hashes, updating workflow schedules and cooldowns,
removing or replacing configuration files for release and linters, and
updating references to scripts and modules for better consistency.

**GitHub Actions and Workflow Improvements:**

* All workflows now pin the `actions/checkout` and other GitHub Actions
to specific commit SHAs for improved security and reproducibility, and
set `persist-credentials: false` to enhance security.
* Updated the linter workflow to use a specific version of
`super-linter`, and disabled certain validations for improved
performance and compatibility.

**Release Process Updates:**

* Removed the old `Auto-Release.yml` workflow and replaced it with a new
`Release.yml` workflow that uses a different release action and is
triggered on pull requests affecting release-relevant files.
* Deleted the `.github/release.yml` configuration for auto-generated
release notes, centralizing release configuration in the workflow.

**Configuration and Scheduling Changes:**

* Changed the Dependabot update schedule from weekly to daily, and
introduced a 7-day cooldown to avoid excessive update PRs.
* Removed the `.github/linters/.jscpd.json` configuration file, likely
because duplicate code detection is now disabled or managed elsewhere.

**Script and Module Reference Updates:**

* Updated references in `action.yml` to use specific commit SHAs for
external modules and changed script paths from `scripts/main.ps1` to
`src/main.ps1` for consistency.

Author: MariusStorhaug

.github/dependabot.yml

@@ -11,4 +11,6 @@ updates:
       - dependencies
       - github-actions
     schedule:
-      interval: weekly
+      interval: daily
+    cooldown:
+      default-days: 7

.github/linters/.jscpd.json

@@ -24,7 +24,9 @@ jobs:
     runs-on: ${{ matrix.os }}
     steps:
       - name: Checkout repo
-        uses: actions/checkout@v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+        with:
+          persist-credentials: false
 
       - name: Action-Test
         uses: ./

.github/release.yml

@@ -24,7 +24,9 @@ jobs:
     runs-on: ${{ matrix.os }}
     steps:
       - name: Checkout repo
-        uses: actions/checkout@v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+        with:
+          persist-credentials: false
 
       - name: Action-Test
         uses: ./

.github/workflows/Action-Test-Src-Default.yml

@@ -24,7 +24,9 @@ jobs:
     runs-on: ${{ matrix.os }}
     steps:
       - name: Checkout repo
-        uses: actions/checkout@v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+        with:
+          persist-credentials: false
 
       - name: Action-Test
         uses: ./

.github/workflows/Action-Test-Src-WithManifest.yml

@@ -19,14 +19,17 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repo
-        uses: actions/checkout@v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           fetch-depth: 0
+          persist-credentials: false
 
       - name: Lint code base
-        uses: super-linter/super-linter@latest
+        uses: super-linter/super-linter@d5b0a2ab116623730dd094f15ddc1b6b25bf7b99 # v8.3.2
         env:
           GITHUB_TOKEN: ${{ github.token }}
+          VALIDATE_BIOME_FORMAT: false
+          VALIDATE_JSCPD: false
           VALIDATE_JSON_PRETTIER: false
           VALIDATE_MARKDOWN_PRETTIER: false
           VALIDATE_YAML_PRETTIER: false

.github/workflows/Action-Test-outputs.yml

@@ -0,0 +1,39 @@
+name: Release
+
+run-name: "Release - [${{ github.event.pull_request.title }} #${{ github.event.pull_request.number }}] by @${{ github.actor }}"
+
+on:
+  pull_request:
+    branches:
+      - main
+    types:
+      - closed
+      - opened
+      - reopened
+      - synchronize
+      - labeled
+    paths:
+      - 'action.yml'
+      - 'src/**'
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+permissions:
+  contents: write
+  pull-requests: write
+
+jobs:
+  Release:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout Code
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+        with:
+          persist-credentials: false
+
+      - name: Release
+        uses: PSModule/Release-GHRepository@5a5165d66f485d1aad217ef34a190178b214fdcb # v2.0.2
+        with:
+          IncrementalPrerelease: false

.github/workflows/Auto-Release.yml

@@ -267,7 +267,7 @@ runs:
   using: composite
   steps:
     - name: Install-PSModuleHelpers
-      uses: PSModule/Install-PSModuleHelpers@v1
+      uses: PSModule/Install-PSModuleHelpers@ed79b6e3aa8c9cd3d30ab2bf02ea6bd4687b9c74 # v1.0.7
 
     - name: Get test paths
       shell: pwsh
@@ -278,10 +278,10 @@ runs:
         PSMODULE_TEST_PSMODULE_INPUT_Settings: ${{ inputs.Settings }}
       run: |
         # Get test paths
-        ${{ github.action_path }}/scripts/main.ps1
+        ${{ github.action_path }}/src/main.ps1
 
     - name: Invoke-Pester
-      uses: PSModule/Invoke-Pester@v4
+      uses: PSModule/Invoke-Pester@1fcb663c0efe914e8374d78e16aa7bb907ea2434 # v4.2.3
       id: test
       env:
         LocalTestPath: ${{ steps.paths.outputs.LocalTestPath }}