Skip to content

build(deps): Bump PSModule/Process-PSModule/.github/workflows/workflow.yml from 5.5.0 to 6.1.0#13

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/PSModule/Process-PSModule/dot-github/workflows/workflow.yml-6.1.0
Closed

build(deps): Bump PSModule/Process-PSModule/.github/workflows/workflow.yml from 5.5.0 to 6.1.0#13
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/PSModule/Process-PSModule/dot-github/workflows/workflow.yml-6.1.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 16, 2026

Copy link
Copy Markdown
Contributor

Bumps PSModule/Process-PSModule/.github/workflows/workflow.yml from 5.5.0 to 6.1.0.

Release notes

Sourced from PSModule/Process-PSModule/.github/workflows/workflow.yml's releases.

v6.1.0

🚀 [Feature]: Plan job decides version before build so tested artifact equals published artifact (#342)

The version a module ships with is now decided in a new Plan job that runs before the module is built. The same artifact then flows through tests and publish without being mutated, so the artifact you tested is the artifact that lands in the PowerShell Gallery and on the GitHub Release.

New: Plan job replaces Get-Settings

Get-Settings.yml is renamed to Plan.yml. The Plan job runs two steps in sequence and exposes everything downstream jobs need:

  1. Get-PSModuleSettings — loads .github/PSModule.yml and emits the resolved Settings JSON.
  2. Resolve-PSModuleVersion — reads settings + PR labels, queries existing releases and the PowerShell Gallery, and emits the next version.

Plan job output: a single Settings JSON. The resolved version is merged into it as Settings.Module.{Version, Prerelease, FullVersion, ReleaseType, CreateRelease}, so every downstream job receives one self-contained object with no separate version outputs.

flowchart LR
  A[Plan<br/>Get-PSModuleSettings + Resolve-PSModuleVersion] --> B[Build-Module<br/>stamps version into manifest]
  B --> C[Test-* / Coverage]
  C --> D[Publish-Module<br/>publishes artifact unchanged]
Loading

Changed: Build-Module now stamps the real version

Build-Module.yml reads the version from Settings.Module.Version / Settings.Module.Prerelease and passes them to Build-PSModule. The built manifest contains the version the module will ship with before any test runs. The 999.0.0 placeholder only appears when no version is provided (for example, direct callers that bypass the Plan job).

Changed: Publish-Module no longer calculates or mutates versions

Publish-Module.yml drops every input that used to drive version calculation:

  • AutoPatching
  • DatePrereleaseFormat
  • IgnoreLabels
  • IncrementalPrerelease
  • MajorLabels / MinorLabels / PatchLabels
  • ReleaseType
  • VersionPrefix

Publish-Module now reads the version straight from the manifest that arrived from Build-Module and pushes it to the PowerShell Gallery as-is. The PR-title / PR-body / heading inputs are unchanged. The job also gains permission to upload release assets so the zipped module can be attached to the GitHub Release.

Fixed: Tested artifact equals published artifact

The placeholder-then-rewrite flow is gone. The bytes tested in Test-Module / Test-ModuleLocal are the same bytes published to the PowerShell Gallery and attached to the GitHub Release.

Technical Details

  • Plan.yml (renamed from Get-Settings.yml): adds a Resolve-Version step (runs unconditionally — it computes the release decision, including ReleaseType) followed by an Enrich-Settings step that merges the resolved version into Settings.Module.*. Plan exposes a single Settings output on both the job and workflow_call.
  • workflow.yml: the Get-Settings job is renamed to Plan and every downstream needs: / with: reference is repointed. Downstream jobs consume the single needs.Plan.outputs.Settings object (version available under Settings.Module.*).
  • Build-Module.yml: reads Settings.Module.Version / Settings.Module.Prerelease and passes them as Version / Prerelease to Build-PSModule, falling back to the 999.0.0 placeholder when a direct caller bypasses Plan and omits Settings.Module.

... (truncated)

Commits
  • 0d7a2f0 🚀 [Feature]: Plan job decides version before build so tested artifact equals ...
  • 54e2677 Bump PSModule/GitHub-Script from 1.8.0 to 1.9.0 (#367)
  • 1514ac0 📖 [Docs]: Add full dependency tree with Mermaid diagrams (#368)
  • 364ddd6 🌟 [Major]: Fixed test secret inputs replaced by TestData (#365)
  • 8b75537 🪲 [Fix]: Restore correct release versioning in the publish pipeline (#363)
  • 6aa7664 📖 [Docs]: Document the Pester major-version lock in the test pipeline (#362)
  • 0506996 [Patch]: Update GitHub Actions dependencies to latest pinned versions (#358)
  • 0c90c32 ⚙️ [Maintenance]: Remove instruction files colocated into the docs site (#349)
  • ce64918 Bump PSModule/GitHub-Script from 1.7.10 to 1.8.0 (#346)
  • dcfb311 Bump PSModule/Build-PSModule from 4.0.14 to 4.0.15 (#345)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

…w.yml

Bumps [PSModule/Process-PSModule/.github/workflows/workflow.yml](https://github.com/psmodule/process-psmodule) from 5.5.0 to 6.1.0.
- [Release notes](https://github.com/psmodule/process-psmodule/releases)
- [Commits](PSModule/Process-PSModule@1111791...0d7a2f0)

---
updated-dependencies:
- dependency-name: PSModule/Process-PSModule/.github/workflows/workflow.yml
  dependency-version: 6.1.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @github

dependabot Bot commented on behalf of github Jul 16, 2026

Copy link
Copy Markdown
Contributor Author

Labels

The following labels could not be found: dependencies, github-actions. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@github-actions

Copy link
Copy Markdown

No Significant Changes Detected

This PR does not contain changes to files that would trigger a new release:

Pattern Description
^src/ Matches files where path matches this pattern
^README\.md$ Matches files where path matches this pattern

Build, test, and publish stages will be skipped for this PR.

If you believe this is incorrect, please verify that your changes are in the correct locations.

@github-actions

Copy link
Copy Markdown

Super-linter summary

Language Validation result
CHECKOV Pass ✅
GITHUB_ACTIONS Pass ✅
GITLEAKS Pass ✅
GIT_MERGE_CONFLICT_MARKERS Pass ✅
MARKDOWN Pass ✅
NATURAL_LANGUAGE Pass ✅
POWERSHELL Pass ✅
PRE_COMMIT Pass ✅
SPELL_CODESPELL Pass ✅
TRIVY Pass ✅
YAML Pass ✅

All files and directories linted successfully

For more information, see the GitHub Actions workflow run

Powered by Super-linter

@dependabot @github

dependabot Bot commented on behalf of github Jul 17, 2026

Copy link
Copy Markdown
Contributor Author

Superseded by #14.

@dependabot dependabot Bot closed this Jul 17, 2026
@dependabot
dependabot Bot deleted the dependabot/github_actions/PSModule/Process-PSModule/dot-github/workflows/workflow.yml-6.1.0 branch July 17, 2026 01:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants