v6.1.6
Bump PSModule/Invoke-Pester from 4.2.6 to 5.1.0 in the github-actions group across 1 directory (#393)
Bumps the github-actions group with 1 update in the / directory: PSModule/Invoke-Pester.
Updates PSModule/Invoke-Pester from 4.2.6 to 5.1.0
Release notes
Sourced from PSModule/Invoke-Pester's releases.
v5.1.0
🚀 [Minor]: Add optional GUID identity pinning to Pester selection (#73)
Adds an optional
Guidinput so a workflow can pin Pester by module identity (GUID), validated at install time. Combined with a#RequiresGUID pin in test files, identity is validated the whole way — on the developer's machine and in CI at discovery, and now also in CI at the action's install step (shifted left, one clear failure point).
- Fixes #68
Added:
Guidinput for module-identity pinningThe optional
Guidinput pins Pester by module identity. After resolving and installing the version, the action validates the loaded module's GUID and fails fast if it does not match — guarding against a different module namedPesteron the runner'sPSModulePath.- uses: PSModule/Invoke-Pester@v5 with: Version: '6.0.0' Guid: 'a699dea5-2c73-4616-a270-1f7abb777e71'Validation now happens at every layer:
- Developer machine / CI at test discovery — via
#Requires -Modules @{ ...; GUID = ... }in test files.- CI at the action's init/install step — via the new
Guidinput (earliest single point of failure).Technical Details
action.yml: new optionalGuidinput, passed to both the init and exec phases viaPSMODULE_INVOKE_PESTER_INPUT_Guid.Install-PSResourceWithRetry: new-Guidparameter; after import, it validates the loaded module'sGuidand throws a clear error on mismatch.Install-PSResourcecannot select by GUID (gallery identity is name + version), so identity is enforced at import.init.ps1/exec.ps1: read the input and pass-Guidthrough.- Tests:
PesterGuidPinpins via both theGuidinput and#Requires(validating the whole way).PesterGuidMatchpins via theGuidinput only (version-only#Requires), asserting a matching GUID lets the run succeed.PesterGuidMismatchpasses a wrongGuidand asserts the action fails.- Docs: README input table updated.
- Verified locally: a correct GUID imports; a wrong GUID throws
Loaded 'Pester' does not match the required GUID ....This closes the last remaining item on #68 — the version-selection core shipped in #71 (v5.0.0), and this adds the optional GUID identity pin.
v5.0.0
🌟 [Major]: Version and Prerelease inputs now control Pester (#71)
Invoke-Pester now treats
VersionandPrereleaseas Pester controls. Workflows that previously used those inputs to choose the GitHub PowerShell module used by the init bootstrap step must rename them toGitHubVersionandGitHubPrerelease. Workflows that did not setVersionorPrereleasekeep installing the latest available Pester by default.
- Related to #68
- Aligns with PSModule/GitHub-Script#97 for NuGet version-range syntax
Breaking Changes
VersionandPrereleasenow apply to Pester, not the GitHub PowerShell module used internally during init.Before this change, a workflow like this selected the GitHub module version:
... (truncated)
Commits
4ff3319🚀 [Minor]: Add optional GUID identity pinning to Pester selection (#73)8a4e652🌟 [Major]: Version and Prerelease inputs now control Pester (#71)0a4e7b3Bump actions/checkout from 6.0.2 to 7.0.0 (#66)3299427Bump super-linter/super-linter from 8.6.0 to 8.7.0 (#67)- See full diff in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditions