From 152884d6b06c086ed8af6c1b3cd3f19b43cd812b Mon Sep 17 00:00:00 2001 From: Marius Storhaug Date: Wed, 8 Jul 2026 00:41:55 +0200 Subject: [PATCH 1/4] Revert Publish-PSModule pin from v3.0.0 to v2.2.4 --- .github/workflows/Publish-Module.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/Publish-Module.yml b/.github/workflows/Publish-Module.yml index e598d86b..b629d198 100644 --- a/.github/workflows/Publish-Module.yml +++ b/.github/workflows/Publish-Module.yml @@ -30,7 +30,7 @@ jobs: fetch-depth: 0 - name: Publish module - uses: PSModule/Publish-PSModule@03c0f8b53d0367c85a0f121f98af9b40c817b0e3 # v3.0.0 + uses: PSModule/Publish-PSModule@8917aed588dae1bd1aa2873b1caec1c50c20d255 # v2.2.4 env: GH_TOKEN: ${{ github.token }} with: From be62f314e8f487611aa66ab72315f1d33e53adee Mon Sep 17 00:00:00 2001 From: Marius Storhaug Date: Wed, 8 Jul 2026 00:41:55 +0200 Subject: [PATCH 2/4] Ignore Dependabot semver-major updates for first-party *-PSModule actions --- .github/dependabot.yml | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 19dfd9b3..0c09a0f1 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -19,3 +19,12 @@ updates: github-actions: patterns: - "*" + ignore: + # Temporary: freeze major bumps of our own *-PSModule lifecycle actions + # until the version-calculation refactor (#326) lands. A premature major + # bump of Publish-PSModule (#358) broke the publish pipeline; this stops + # Dependabot from re-proposing that class of change until the refactor is + # in place and the actions can be adopted together. + - dependency-name: "PSModule/*-PSModule" + update-types: + - version-update:semver-major From 4747e1b0f5b60f05ade951ed6291a38cf1c3d008 Mon Sep 17 00:00:00 2001 From: Marius Storhaug Date: Wed, 8 Jul 2026 00:58:53 +0200 Subject: [PATCH 3/4] Normalize APIKey secret reference to match its declaration casing --- .github/workflows/Publish-Module.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/Publish-Module.yml b/.github/workflows/Publish-Module.yml index b629d198..2e24dda9 100644 --- a/.github/workflows/Publish-Module.yml +++ b/.github/workflows/Publish-Module.yml @@ -36,7 +36,7 @@ jobs: with: Name: ${{ fromJson(inputs.Settings).Name }} ModulePath: outputs/module - APIKey: ${{ secrets.APIKEY }} + APIKey: ${{ secrets.APIKey }} WhatIf: ${{ github.repository == 'PSModule/Process-PSModule' }} AutoCleanup: ${{ fromJson(inputs.Settings).Publish.Module.AutoCleanup }} AutoPatching: ${{ fromJson(inputs.Settings).Publish.Module.AutoPatching }} From 400c6d2f46299c741bc24c0e45b025b917357292 Mon Sep 17 00:00:00 2001 From: Marius Storhaug Date: Wed, 8 Jul 2026 01:21:21 +0200 Subject: [PATCH 4/4] Revert dependabot.yml ignore for *-PSModule semver-major updates --- .github/dependabot.yml | 9 --------- 1 file changed, 9 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 0c09a0f1..19dfd9b3 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -19,12 +19,3 @@ updates: github-actions: patterns: - "*" - ignore: - # Temporary: freeze major bumps of our own *-PSModule lifecycle actions - # until the version-calculation refactor (#326) lands. A premature major - # bump of Publish-PSModule (#358) broke the publish pipeline; this stops - # Dependabot from re-proposing that class of change until the refactor is - # in place and the actions can be adopted together. - - dependency-name: "PSModule/*-PSModule" - update-types: - - version-update:semver-major