Skip to content

Releases: PSModule/GitHub-Script

v1.7.8

17 Jan 00:36
@github-actions github-actions
v1.7.8
2010983
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.7.8 Latest
Latest

🩹 [Patch]: Remove output access hints from logs (#55)

Removes the output access hint text from the action logs to avoid confusion when the action is used directly or nested in another composite action. The output grouping and output content display remain unchanged.

Changes

  • Remove access-hint printing in scripts/outputs.ps1
  • Simplify composite output test by removing access-pattern demo and help-text validation

Rationale

The access pattern differs for direct vs nested usage, so printed hints can be misleading. Removing the hint avoids confusion while still showing the output values.

Assets 2
Loading

v1.7.7

16 Jan 22:12
@github-actions github-actions
v1.7.7
9fd70c8
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.7.7

🩹[Patch]: CI and workflow maintenance updates (#76)

This release updates CI and workflow maintenance for the GitHub-Script action.

Changes

  • Super-linter updated to v8.3.2 and Biome format validation disabled for this repo.
  • Checkout action pins refreshed across workflows.
  • Dependabot schedule moved to daily with a 7‑day cooldown.
  • Action test workflows now pass explicit secrets instead of inheriting.
  • Auto-Release workflow now runs on pull_request events.

Notes

  • No changes to action.yml behavior or runtime output.
Loading

v1.7.6

02 Dec 10:56
@github-actions github-actions
v1.7.6
8b9d273
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.7.6

Bumps azure/login from v2.2.0 to v2.3.0 (#70)

Bumps azure/login from v2.2.0 to v2.3.0.

Changes

  • Updated version comment to use patch-level semver (# v2.3.0 instead of # v2)
  • Updated PR title and description to reference semver versions
# Before
uses: azure/login@1384c340ab2dda50fed2bee3041d1d87018aa5e8 # v2

# After  
uses: azure/login@a457da9ea143d694b1b9c7c869ebb04ebe844ef5 # v2.3.0

💬 We'd love your input! Share your thoughts on Copilot coding agent in our 2 minute survey.

Loading

v1.7.5

02 Dec 08:44
@github-actions github-actions
v1.7.5
413d904
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.7.5

Bump super-linter/super-linter from 8.2.1 to 8.3.0 (#69)

Bumps super-linter/super-linter from 8.2.1 to 8.3.0.

Release notes

Sourced from super-linter/super-linter's releases.

v8.3.0

8.3.0 (2025-11-28)

🚀 Features

🐛 Bugfixes

⬆️ Dependency updates

  • bundler: bump rubocop in /dependencies in the rubocop group (#7188) (74b2444)
  • bundler: bump rubocop-rails in /dependencies in the rubocop group (#7231) (dd55c52)
  • bundler: bump the rubocop group in /dependencies with 2 updates (#7178) (3bdc919)
  • bundler: bump the rubocop group in /dependencies with 4 updates (#7202) (0e09528)
  • docker: bump python in the docker-base-images group (#7123) (41c3da1)
  • docker: bump the docker group across 1 directory with 12 updates (#7235) (b1cf27d)
  • docker: bump the docker group across 1 directory with 6 updates (#7148) (76149cf)
  • docker: bump the docker group across 1 directory with 9 updates (#7194) (45f731e)
  • npm: bump @​babel/eslint-parser in /dependencies (#7183) (197eb88)
  • npm: bump @​typescript-eslint/eslint-plugin (#7127) (2d57f06)
  • npm: bump @​typescript-eslint/eslint-plugin (#7196) (033ea99)
  • npm: bump body-parser from 2.2.0 to 2.2.1 in /dependencies (#7238) (30403f6)
  • npm: bump eslint from 9.37.0 to 9.38.0 in /dependencies (#7170) (b42af6f)
  • npm: bump eslint from 9.38.0 to 9.39.0 in /dependencies (#7191) (0cf22c8)
  • npm: bump eslint from 9.39.0 to 9.39.1 in /dependencies (#7197) (513ae8b)
  • npm: bump eslint-plugin-react-hooks (#7180) (61e4208)
  • npm: bump js-yaml from 3.14.1 to 3.14.2 in /dependencies (#7210) (29faa98)
  • npm: bump npm-groovy-lint from 15.2.1 to 15.2.2 in /dependencies (#7130) (4913825)
  • npm: bump renovate from 41.142.0 to 41.146.5 in /dependencies (#7134) (900b973)
  • npm: bump renovate from 41.151.1 to 41.161.0 in /dependencies (#7182) (1d8c2a2)
  • npm: bump renovate from 41.161.0 to 42.4.0 in /dependencies (#7198) (0a4ed30)
  • npm: bump the eslint-plugins-configs group across 1 directory with 2 updates (#7145) (c137ca9)
  • npm: bump the npm group across 1 directory with 2 updates (#7175) (f0b0ff5)
  • npm: bump the npm group across 1 directory with 3 updates (#7146) (d4d3f16)
  • npm: bump the npm group across 1 directory with 3 updates (#7195) (ad4f63c)
  • npm: bump the npm group across 1 directory with 5 updates (#7233) (5cadbf1)
  • npm: bump the npm group across 1 directory with 8 updates (#7221) (3802c52)
  • npm: bump the react group across 1 directory with 2 updates (#7190) (d6c8078)
  • npm: bump the react group across 1 directory with 4 updates (
Read more
Loading

v1.7.4

26 Nov 15:53
@github-actions github-actions
v1.7.4
00547bf
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.7.4

Bump actions/checkout from 5 to 6 (#67)

Bumps actions/checkout from 5 to 6.

Release notes

Sourced from actions/checkout's releases.

v6.0.0

What's Changed

Full Changelog: actions/checkout@v5.0.0...v6.0.0

v6-beta

What's Changed

Updated persist-credentials to store the credentials under $RUNNER_TEMP instead of directly in the local git config.

This requires a minimum Actions Runner version of v2.329.0 to access the persisted credentials for Docker container action scenarios.

v5.0.1

What's Changed

Full Changelog: actions/checkout@v5...v5.0.1

Changelog

Sourced from actions/checkout's changelog.

Changelog

V6.0.0

V5.0.1

V5.0.0

V4.3.1

V4.3.0

v4.2.2

v4.2.1

v4.2.0

v4.1.7

v4.1.6

v4.1.5

... (truncated)

Commits

[Dependabot compatibility score](https://docs.github.com/en/github/managing-security-vulnerabilities/about-d...

Read more
Loading

v1.7.3

05 Oct 12:04
@github-actions github-actions
v1.7.3
4f9c58a
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.7.3

Bump actions/checkout from 4 to 5 (#66)

Bumps actions/checkout from 4 to 5.

Release notes

Sourced from actions/checkout's releases.

v5.0.0

What's Changed

⚠️ Minimum Compatible Runner Version

v2.327.1
Release Notes

Make sure your runner is updated to this version or newer to use this release.

Full Changelog: actions/checkout@v4...v5.0.0

v4.3.0

What's Changed

New Contributors

Full Changelog: actions/checkout@v4...v4.3.0

v4.2.2

What's Changed

Full Changelog: actions/checkout@v4.2.1...v4.2.2

v4.2.1

What's Changed

New Contributors

Full Changelog: actions/checkout@v4.2.0...v4.2.1

... (truncated)

Changelog

Sourced from actions/checkout's changelog.

Changelog

V5.0.0

V4.3.0

v4.2.2

v4.2.1

v4.2.0

v4.1.7

v4.1.6

v4.1.5

  • Update NPM dependencie...
Read more
Loading

v1.7.2

05 Oct 10:23
@github-actions github-actions
v1.7.2
2d991b7
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.7.2

🩹 [Patch]: Update Dependabot configuration to include labels for GitHub Actions (#65)

Description

This pull request introduces a Dependabot configuration to automate dependency updates for GitHub Actions workflows. This will help keep our GitHub Actions up to date and improve security and maintainability.

Dependency management automation:

  • Added a .github/dependabot.yml file to enable weekly automated updates for GitHub Actions dependencies, with appropriate labeling for tracking.
Loading

v1.7.1

22 Jul 11:18
@github-actions github-actions
v1.7.1
53dd5b9
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.7.1

🩹 [Patch]: Add logging for GitHub event data in info script (#64)

Description

This pull request adds a new logging group to the scripts/info.ps1 file for better visibility into event-related information.

Logging Improvements:

  • scripts/info.ps1: Added a new log group labeled 'Event Information' that retrieves and formats GitHub event data using Get-GitHubEventData.

Type of change

  • 📖 [Docs]
  • 🪲 [Fix]
  • 🩹 [Patch]
  • ⚠️ [Security fix]
  • 🚀 [Feature]
  • 🌟 [Breaking change]

Checklist

  • I have performed a self-review of my own code
  • I have commented my code, particularly in hard-to-understand areas
Loading

v1.7.0

19 Jul 00:11
@github-actions github-actions
v1.7.0
d7819cb
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.7.0

🚀 Add KeyVaultKeyReference parameter for GitHub App authentication (#63)

This PR adds support for authenticating GitHub Apps using Azure KeyVault key references, enabling secure private key storage in Azure KeyVault instead of GitHub secrets.

Changes Made

🔧 Core Implementation

  • action.yml: Added new KeyVaultKeyReference input parameter with proper description and environment variable mapping
  • scripts/init.ps1:
    • Added validation logic ensuring mutual exclusion between PrivateKey and KeyVaultKeyReference
    • Added requirement validation that ClientID must be provided with exactly one key parameter
    • Implemented new authentication path: Connect-GitHub -ClientID <ClientID> -KeyVaultKeyReference <url>
    • Updated module status reporting to include KeyVault key reference status

📚 Documentation

  • README.md:
    • Added KeyVaultKeyReference to inputs documentation table
    • Added comprehensive Example 5 demonstrating Azure KeyVault authentication workflow
    • Updated example numbering consistently
    • Included note about required azure/login action for KeyVault authentication

Usage Example

jobs:
  Run-Script:
    runs-on: ubuntu-latest
    steps:
      - name: Login to Azure
        uses: azure/login@v1
        with:
          creds: ${{ secrets.AZURE_CREDENTIALS }}

      - name: Run script
        uses: PSModule/GitHub-Script@v1
        with:
          ClientID: ${{ secrets.CLIENT_ID }}
          KeyVaultKeyReference: ${{ secrets.KEYVAULT_KEY_REFERENCE }}
          Script: |
            LogGroup "Get-GitHubApp" {
              Get-GitHubApp
            }

Validation

The implementation includes comprehensive validation:

  • ✅ Mutual exclusion: Only one of PrivateKey or KeyVaultKeyReference can be provided
  • ✅ Requirement validation: ClientID must be provided with exactly one key parameter
  • ✅ Error handling for invalid input combinations
  • ✅ PowerShell and YAML syntax validation
  • ✅ Integration testing with 6/6 test scenarios passing

Authentication Flow

The action now supports three authentication methods:

  1. Token: Token parameter (existing)
  2. GitHub App with Private Key: ClientID + PrivateKey (existing)
  3. GitHub App with KeyVault: ClientID + KeyVaultKeyReference (new)

Fixes #62.

💬 Share your feedback on Copilot coding agent for the chance to win a $200 gift card! Click here to start the survey.

Loading

v1.6.7

01 Jul 20:25
@github-actions github-actions
v1.6.7
cc12067
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.6.7

🪲 [Fix]: Fix debug and verbose inputs (#61)

This pull request introduces updates to improve debug and verbose output handling across the GitHub PowerShell-based action. The changes ensure consistent configuration of debug and verbose preferences and enhance clarity in documentation and workflow files.

Debug and Verbose Output Handling Updates:

  • .github/workflows/TestWorkflow.yml: Added the -Debug parameter to the Get-GitHubUser command to enable debug output during the workflow execution.
  • action.yml: Updated the descriptions for Debug and Verbose inputs to clarify that they enable debug and verbose output for the entire action. Additionally, configured $DebugPreference and $VerbosePreference based on input values to set PowerShell preferences dynamically. [1] [2]
  • scripts/info.ps1: Removed redundant $DebugPreference and $VerbosePreference configuration from the end block, as these preferences are now set globally in the action runner.
  • scripts/outputs.ps1: Removed hardcoded $DebugPreference and $VerbosePreference settings to align with the new dynamic configuration approach.

Documentation Updates:

  • README.md: Improved descriptions for Debug and Verbose inputs to specify that they enable output for the entire action, enhancing clarity for users.
Loading