Skip to content

🩹 [Patch]: Workflow dependencies updated to latest versions#298

Merged
Marius Storhaug (MariusStorhaug) merged 5 commits intomainfrom
bumps
Mar 27, 2026
Merged

🩹 [Patch]: Workflow dependencies updated to latest versions#298
Marius Storhaug (MariusStorhaug) merged 5 commits intomainfrom
bumps

Conversation

@MariusStorhaug
Copy link
Copy Markdown
Member

@MariusStorhaug Marius Storhaug (MariusStorhaug) commented Mar 27, 2026

Reusable workflows now reference the latest versions of all action dependencies, picking up upstream bug fixes and improvements.

Changed: Dependency versions in workflows

The following dependencies have been bumped across all workflow files:

Dependency Previous New
actions/download-artifact v7.0.0 v8.0.0
actions/upload-artifact v6.0.0 v7.0.0
PSModule/Build-PSModule v4.0.12 v4.0.13
PSModule/Invoke-Pester v4.2.3 v4.2.4
PSModule/Publish-PSModule v2.2.2 v2.2.3

Affected workflows:

  • Build-Docs.yml
  • Build-Module.yml
  • Build-Site.yml
  • Publish-Module.yml
  • Test-Module.yml
  • Test-ModuleLocal.yml

Technical Details

All references use pinned commit SHAs with version comments. No workflow logic or input/output changes — only the pinned SHAs and version comments were updated.

dependabot bot and others added 5 commits March 27, 2026 17:27
@dependabot @MariusStorhaug
Bump actions/download-artifact from 7.0.0 to 8.0.0 (#289)
c1b542a 
Bumps
[actions/download-artifact](https://github.com/actions/download-artifact)
from 7.0.0 to 8.0.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/download-artifact/releases">actions/download-artifact's
releases</a>.</em></p>
<blockquote>
<h2>v8.0.0</h2>
<h2>v8 - What's new</h2>
<h3>Direct downloads</h3>
<p>To support direct uploads in <code>actions/upload-artifact</code>,
the action will no longer attempt to unzip all downloaded files.
Instead, the action checks the <code>Content-Type</code> header ahead of
unzipping and skips non-zipped files. Callers wishing to download a
zipped file as-is can also set the new <code>skip-decompress</code>
parameter to <code>false</code>.</p>
<h3>Enforced checks (breaking)</h3>
<p>A previous release introduced digest checks on the download. If a
download hash didn't match the expected hash from the server, the action
would log a warning. Callers can now configure the behavior on mismatch
with the <code>digest-mismatch</code> parameter. To be secure by
default, we are now defaulting the behavior to <code>error</code> which
will fail the workflow run.</p>
<h3>ESM</h3>
<p>To support new versions of the @actions/* packages, we've upgraded
the package to ESM.</p>
<h2>What's Changed</h2>
<ul>
<li>Don't attempt to un-zip non-zipped downloads by <a
href="https://github.com/danwkennedy"><code>@​danwkennedy</code></a> in
<a
href="https://redirect.github.com/actions/download-artifact/pull/460">actions/download-artifact#460</a></li>
<li>Add a setting to specify what to do on hash mismatch and default it
to <code>error</code> by <a
href="https://github.com/danwkennedy"><code>@​danwkennedy</code></a> in
<a
href="https://redirect.github.com/actions/download-artifact/pull/461">actions/download-artifact#461</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/download-artifact/compare/v7...v8.0.0">https://github.com/actions/download-artifact/compare/v7...v8.0.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/download-artifact/commit/70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3"><code>70fc10c</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/download-artifact/issues/461">#461</a>
from actions/danwkennedy/digest-mismatch-behavior</li>
<li><a
href="https://github.com/actions/download-artifact/commit/f258da9a506b755b84a09a531814700b86ccfc62"><code>f258da9</code></a>
Add change docs</li>
<li><a
href="https://github.com/actions/download-artifact/commit/ccc058e5fbb0bb2352213eaec3491e117cbc4a5c"><code>ccc058e</code></a>
Fix linting issues</li>
<li><a
href="https://github.com/actions/download-artifact/commit/bd7976ba57ecea96e6f3df575eb922d11a12a9fd"><code>bd7976b</code></a>
Add a setting to specify what to do on hash mismatch and default it to
<code>error</code></li>
<li><a
href="https://github.com/actions/download-artifact/commit/ac21fcf45e0aaee541c0f7030558bdad38d77d6c"><code>ac21fcf</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/download-artifact/issues/460">#460</a>
from actions/danwkennedy/download-no-unzip</li>
<li><a
href="https://github.com/actions/download-artifact/commit/15999bff51058bc7c19b50ebbba518eaef7c26c0"><code>15999bf</code></a>
Add note about package bumps</li>
<li><a
href="https://github.com/actions/download-artifact/commit/974686ed5098c7f9c9289ec946b9058e496a2561"><code>974686e</code></a>
Bump the version to <code>v8</code> and add release notes</li>
<li><a
href="https://github.com/actions/download-artifact/commit/fbe48b1d2756394be4cd4358ed3bc1343b330e75"><code>fbe48b1</code></a>
Update test names to make it clearer what they do</li>
<li><a
href="https://github.com/actions/download-artifact/commit/96bf374a614d4360e225874c3efd6893a3f285e7"><code>96bf374</code></a>
One more test fix</li>
<li><a
href="https://github.com/actions/download-artifact/commit/b8c4819ef592cbe04fd93534534b38f853864332"><code>b8c4819</code></a>
Fix skip decompress test</li>
<li>Additional commits viewable in <a
href="https://github.com/actions/download-artifact/compare/37930b1c2abaa49bbe596cd826c3c89aef350131...70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/download-artifact&package-manager=github_actions&previous-version=7.0.0&new-version=8.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Marius Storhaug <marstor@hotmail.com>
@dependabot @MariusStorhaug
Bump PSModule/Publish-PSModule from 2.2.2 to 2.2.3 (#296)
2d55e0c 
Bumps
[PSModule/Publish-PSModule](https://github.com/psmodule/publish-psmodule)
from 2.2.2 to 2.2.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/psmodule/publish-psmodule/releases">PSModule/Publish-PSModule's
releases</a>.</em></p>
<blockquote>
<h2>v2.2.3</h2>
<h1>Bump actions/download-artifact from 7.0.0 to 8.0.0 (<a
href="https://redirect.github.com/psmodule/publish-psmodule/issues/66">#66</a>)</h1>
<p>Bumps <a
href="https://github.com/actions/download-artifact">actions/download-artifact</a>
from 7.0.0 to 8.0.0.</p>
<!-- raw HTML omitted -->
<p><a
href="https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores"><img
src="https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/download-artifact&amp;package-manager=github_actions&amp;previous-version=7.0.0&amp;new-version=8.0.0"
alt="Dependabot compatibility score" /></a></p>
<p>Dependabot will resolve any conflicts with this PR as long as you
don't alter it yourself. You can also trigger a rebase manually by
commenting <code>@dependabot rebase</code>.</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/PSModule/Publish-PSModule/commit/207c39b9eff2118d0e4eabff78e90f7015bc36da"><code>207c39b</code></a>
Bump actions/download-artifact from 7.0.0 to 8.0.0 (<a
href="https://redirect.github.com/psmodule/publish-psmodule/issues/66">#66</a>)</li>
<li><a
href="https://github.com/PSModule/Publish-PSModule/commit/54cd357e884d349c2c1a25330a3705d1f3f05866"><code>54cd357</code></a>
⚙️ [Maintenance]: Add afterall to codespell ignore words list (<a
href="https://redirect.github.com/psmodule/publish-psmodule/issues/65">#65</a>)</li>
<li><a
href="https://github.com/PSModule/Publish-PSModule/commit/87122b4b78a57bc161bbdadd33b67f0c8db1560d"><code>87122b4</code></a>
Bump super-linter/super-linter from 8.4.0 to 8.5.0 (<a
href="https://redirect.github.com/psmodule/publish-psmodule/issues/64">#64</a>)</li>
<li><a
href="https://github.com/PSModule/Publish-PSModule/commit/fa1f498b77530ba6f77eb2027ed78ca0570b1b58"><code>fa1f498</code></a>
⚙️ [Maintenance]: Update super-linter to v8.4.0 (<a
href="https://redirect.github.com/psmodule/publish-psmodule/issues/63">#63</a>)</li>
<li><a
href="https://github.com/PSModule/Publish-PSModule/commit/b8d496785237f152196eaa672a1091c5ed400295"><code>b8d4967</code></a>
⚙️ [Maintenance]: Align release workflow (<a
href="https://redirect.github.com/psmodule/publish-psmodule/issues/62">#62</a>)</li>
<li>See full diff in <a
href="https://github.com/psmodule/publish-psmodule/compare/2e548cfd1c68b76129fdeabc7f7caebd47e3b1c3...207c39b9eff2118d0e4eabff78e90f7015bc36da">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=PSModule/Publish-PSModule&package-manager=github_actions&previous-version=2.2.2&new-version=2.2.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Marius Storhaug <marstor@hotmail.com>
@dependabot @MariusStorhaug
Bump PSModule/Invoke-Pester from 4.2.3 to 4.2.4 (#295)
e93e8b0 
Bumps
[PSModule/Invoke-Pester](https://github.com/psmodule/invoke-pester) from
4.2.3 to 4.2.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/psmodule/invoke-pester/releases">PSModule/Invoke-Pester's
releases</a>.</em></p>
<blockquote>
<h2>v4.2.4</h2>
<h1>Bump actions/upload-artifact from 6.0.0 to 7.0.0 (<a
href="https://redirect.github.com/psmodule/invoke-pester/issues/61">#61</a>)</h1>
<p>Bumps <a
href="https://github.com/actions/upload-artifact">actions/upload-artifact</a>
from 6.0.0 to 7.0.0.</p>
<!-- raw HTML omitted -->
<p><a
href="https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores"><img
src="https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/upload-artifact&amp;package-manager=github_actions&amp;previous-version=6.0.0&amp;new-version=7.0.0"
alt="Dependabot compatibility score" /></a></p>
<p>Dependabot will resolve any conflicts with this PR as long as you
don't alter it yourself. You can also trigger a rebase manually by
commenting <code>@dependabot rebase</code>.</p>
<hr />
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/PSModule/Invoke-Pester/commit/abddf7bef0d0614d7ca322036af6a06ee0fb4d44"><code>abddf7b</code></a>
Bump actions/upload-artifact from 6.0.0 to 7.0.0 (<a
href="https://redirect.github.com/psmodule/invoke-pester/issues/61">#61</a>)</li>
<li><a
href="https://github.com/PSModule/Invoke-Pester/commit/3cdb795322f1ed0594921f909a993b35ea288f46"><code>3cdb795</code></a>
⚙️ [Maintenance]: Add afterall to codespell ignore words list (<a
href="https://redirect.github.com/psmodule/invoke-pester/issues/60">#60</a>)</li>
<li><a
href="https://github.com/PSModule/Invoke-Pester/commit/ba25d5abf2625cae637b7dfe2e34976b3465f662"><code>ba25d5a</code></a>
Bump super-linter/super-linter from 8.4.0 to 8.5.0 (<a
href="https://redirect.github.com/psmodule/invoke-pester/issues/59">#59</a>)</li>
<li><a
href="https://github.com/PSModule/Invoke-Pester/commit/d1e3cbf98778a1a0d7523bd92f150abe8c9c4839"><code>d1e3cbf</code></a>
⚙️ [Maintenance]: Update super-linter to v8.4.0 (<a
href="https://redirect.github.com/psmodule/invoke-pester/issues/58">#58</a>)</li>
<li><a
href="https://github.com/PSModule/Invoke-Pester/commit/e4cb409df8a3eaf6bf12a016202f752210291233"><code>e4cb409</code></a>
⚙️ [Maintenance]: Align workflows across action repositories (<a
href="https://redirect.github.com/psmodule/invoke-pester/issues/57">#57</a>)</li>
<li>See full diff in <a
href="https://github.com/psmodule/invoke-pester/compare/1fcb663c0efe914e8374d78e16aa7bb907ea2434...abddf7bef0d0614d7ca322036af6a06ee0fb4d44">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=PSModule/Invoke-Pester&package-manager=github_actions&previous-version=4.2.3&new-version=4.2.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Marius Storhaug <marstor@hotmail.com>
@dependabot @MariusStorhaug
Bump PSModule/Build-PSModule from 4.0.12 to 4.0.13 (#294)
73f7d20 
Bumps
[PSModule/Build-PSModule](https://github.com/psmodule/build-psmodule)
from 4.0.12 to 4.0.13.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/psmodule/build-psmodule/releases">PSModule/Build-PSModule's
releases</a>.</em></p>
<blockquote>
<h2>v4.0.13</h2>
<h1>Bump actions/upload-artifact from 6.0.0 to 7.0.0 (<a
href="https://redirect.github.com/psmodule/build-psmodule/issues/131">#131</a>)</h1>
<p>Bumps <a
href="https://github.com/actions/upload-artifact">actions/upload-artifact</a>
from 6.0.0 to 7.0.0.</p>
<!-- raw HTML omitted -->
<p><a
href="https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores"><img
src="https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/upload-artifact&amp;package-manager=github_actions&amp;previous-version=6.0.0&amp;new-version=7.0.0"
alt="Dependabot compatibility score" /></a></p>
<p>Dependabot will resolve any conflicts with this PR as long as you
don't alter it yourself. You can also trigger a rebase manually by
commenting <code>@dependabot rebase</code>.</p>
<hr />
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/PSModule/Build-PSModule/commit/7a3ae1be38587e8051833d85ffa53c348de3cd0d"><code>7a3ae1b</code></a>
Bump actions/upload-artifact from 6.0.0 to 7.0.0 (<a
href="https://redirect.github.com/psmodule/build-psmodule/issues/131">#131</a>)</li>
<li><a
href="https://github.com/PSModule/Build-PSModule/commit/50bc15ddf078bc21306d6cccaa2752cf501b5406"><code>50bc15d</code></a>
⚙️ [Maintenance]: Add afterall to codespell ignore words list (<a
href="https://redirect.github.com/psmodule/build-psmodule/issues/130">#130</a>)</li>
<li><a
href="https://github.com/PSModule/Build-PSModule/commit/2955cbc979cabb45ee23b5324ed489de8bfdac23"><code>2955cbc</code></a>
Bump super-linter/super-linter from 8.4.0 to 8.5.0 (<a
href="https://redirect.github.com/psmodule/build-psmodule/issues/129">#129</a>)</li>
<li><a
href="https://github.com/PSModule/Build-PSModule/commit/aa7580e29dd56414a4ceb01657f0004b3a720d23"><code>aa7580e</code></a>
⚙️ [Maintenance]: Update super-linter to v8.4.0 (<a
href="https://redirect.github.com/psmodule/build-psmodule/issues/128">#128</a>)</li>
<li><a
href="https://github.com/PSModule/Build-PSModule/commit/6e52cf7a705d26ff2e09fe0af8afe37714471873"><code>6e52cf7</code></a>
⚙️ [Maintenance]: Align release workflow (<a
href="https://redirect.github.com/psmodule/build-psmodule/issues/127">#127</a>)</li>
<li>See full diff in <a
href="https://github.com/psmodule/build-psmodule/compare/869da3f28cbb5c04c6868dded0d511a40f191a59...7a3ae1be38587e8051833d85ffa53c348de3cd0d">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=PSModule/Build-PSModule&package-manager=github_actions&previous-version=4.0.12&new-version=4.0.13)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Marius Storhaug <marstor@hotmail.com>
@dependabot @MariusStorhaug
Bump actions/upload-artifact from 6.0.0 to 7.0.0 (#290)
e351e33 
Bumps
[actions/upload-artifact](https://github.com/actions/upload-artifact)
from 6.0.0 to 7.0.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/upload-artifact/releases">actions/upload-artifact's
releases</a>.</em></p>
<blockquote>
<h2>v7.0.0</h2>
<h2>v7 What's new</h2>
<h3>Direct Uploads</h3>
<p>Adds support for uploading single files directly (unzipped). Callers
can set the new <code>archive</code> parameter to <code>false</code> to
skip zipping the file during upload. Right now, we only support single
files. The action will fail if the glob passed resolves to multiple
files. The <code>name</code> parameter is also ignored with this
setting. Instead, the name of the artifact will be the name of the
uploaded file.</p>
<h3>ESM</h3>
<p>To support new versions of the <code>@actions/*</code> packages,
we've upgraded the package to ESM.</p>
<h2>What's Changed</h2>
<ul>
<li>Add proxy integration test by <a
href="https://github.com/Link"><code>@​Link</code></a>- in <a
href="https://redirect.github.com/actions/upload-artifact/pull/754">actions/upload-artifact#754</a></li>
<li>Upgrade the module to ESM and bump dependencies by <a
href="https://github.com/danwkennedy"><code>@​danwkennedy</code></a> in
<a
href="https://redirect.github.com/actions/upload-artifact/pull/762">actions/upload-artifact#762</a></li>
<li>Support direct file uploads by <a
href="https://github.com/danwkennedy"><code>@​danwkennedy</code></a> in
<a
href="https://redirect.github.com/actions/upload-artifact/pull/764">actions/upload-artifact#764</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/Link"><code>@​Link</code></a>- made
their first contribution in <a
href="https://redirect.github.com/actions/upload-artifact/pull/754">actions/upload-artifact#754</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/upload-artifact/compare/v6...v7.0.0">https://github.com/actions/upload-artifact/compare/v6...v7.0.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/upload-artifact/commit/bbbca2ddaa5d8feaa63e36b76fdaad77386f024f"><code>bbbca2d</code></a>
Support direct file uploads (<a
href="https://redirect.github.com/actions/upload-artifact/issues/764">#764</a>)</li>
<li><a
href="https://github.com/actions/upload-artifact/commit/589182c5a4cec8920b8c1bce3e2fab1c97a02296"><code>589182c</code></a>
Upgrade the module to ESM and bump dependencies (<a
href="https://redirect.github.com/actions/upload-artifact/issues/762">#762</a>)</li>
<li><a
href="https://github.com/actions/upload-artifact/commit/47309c993abb98030a35d55ef7ff34b7fa1074b5"><code>47309c9</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/upload-artifact/issues/754">#754</a>
from actions/Link-/add-proxy-integration-tests</li>
<li><a
href="https://github.com/actions/upload-artifact/commit/02a8460834e70dab0ce194c64360c59dc1475ef0"><code>02a8460</code></a>
Add proxy integration test</li>
<li>See full diff in <a
href="https://github.com/actions/upload-artifact/compare/b7c566a772e6b6bfb58ed0dc250532a479d7789f...bbbca2ddaa5d8feaa63e36b76fdaad77386f024f">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/upload-artifact&package-manager=github_actions&previous-version=6.0.0&new-version=7.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Marius Storhaug <marstor@hotmail.com>
@github-actions
Copy link
Copy Markdown

github-actions bot commented Mar 27, 2026

No Significant Changes Detected

This PR does not contain changes to files that would trigger a new release:

Path Description
src/** Module source code
README.md Documentation

Build, test, and publish stages will be skipped for this PR.

If you believe this is incorrect, please verify that your changes are in the correct locations.

1 similar comment
@github-actions
Copy link
Copy Markdown

github-actions bot commented Mar 27, 2026

No Significant Changes Detected

This PR does not contain changes to files that would trigger a new release:

Path Description
src/** Module source code
README.md Documentation

Build, test, and publish stages will be skipped for this PR.

If you believe this is incorrect, please verify that your changes are in the correct locations.

@MariusStorhaug Marius Storhaug (MariusStorhaug) marked this pull request as ready for review March 27, 2026 16:33
Copilot AI review requested due to automatic review settings March 27, 2026 16:33
Copilot AI reviewed Mar 27, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR updates pinned GitHub Actions and PSModule action dependencies in the repository’s reusable workflows to newer versions, aiming to pick up upstream fixes without changing workflow behavior.

Changes:

  • Bump actions/download-artifact pins from v7.0.0 to v8.0.0 across workflows.
  • Bump actions/upload-artifact pin from v6.0.0 to v7.0.0 where used.
  • Bump PSModule action pins (Build-PSModule, Invoke-Pester, Publish-PSModule) to their next patch versions.

Reviewed changes

Copilot reviewed 6 out of 6 changed files in this pull request and generated no comments.

Show a summary per file
File Description
.github/workflows/Build-Docs.yml Updates download/upload artifact action pins used by the docs build workflow.
.github/workflows/Build-Module.yml Updates the PSModule build action pin used to build the module artifact.
.github/workflows/Build-Site.yml Updates the artifact download pin used to fetch docs for site generation.
.github/workflows/Publish-Module.yml Updates the PSModule publish action pin used for gallery publishing.
.github/workflows/Test-Module.yml Updates artifact download pins used in test and lint jobs.
.github/workflows/Test-ModuleLocal.yml Updates artifact download and Pester invocation action pins for local-module tests.

@MariusStorhaug Marius Storhaug (MariusStorhaug) merged commit 645cb19 into main Mar 27, 2026
52 of 54 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

@MariusStorhaug Marius Storhaug (MariusStorhaug)

Labels

Patch

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@MariusStorhaug