✨refactor: update GitGuardian and PSScriptAnalyzer workflows for improved scanning and analysis

SamErde · SamErde · commit a9ef14ff6b2d · 2025-09-08T09:50:56.000-04:00
diff --git a/.github/workflows/GitGuardian.yml b/.github/workflows/GitGuardian.yml
@@ -2,19 +2,19 @@
 ---
 name: GitGuardian
 
-on: [push, pull_request]
+on: [push]
 
 jobs:
   scanning:
-    name: GitGuardian scan
+    name: GitGuardian Scan
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
         uses: actions/checkout@v4
         with:
           fetch-depth: 0 # fetch all history so multiple commits can be scanned
-      - name: GitGuardian scan
-        uses: GitGuardian/ggshield-action@v1.23.0
+      - name: GitGuardian Scan
+        uses: GitGuardian/ggshield-action@v1.30.0
         env:
           GITHUB_PUSH_BEFORE_SHA: ${{ github.event.before }}
           GITHUB_PUSH_BASE_SHA: ${{ github.event.base }}
diff --git a/.github/workflows/MegaLinter.yml b/.github/workflows/MegaLinter.yml
@@ -47,7 +47,7 @@ jobs:
 
         # You can override MegaLinter flavor used to have faster performances
         # More info at https://megalinter.io/flavors/
-        uses: oxsecurity/megalinter/flavors/dotnet@v8.0.0
+        uses: oxsecurity/megalinter/flavors/dotnet@v8
 
         id: ml
 
diff --git a/.github/workflows/PSScriptAnalyzer.yml b/.github/workflows/PSScriptAnalyzer.yml
@@ -1,19 +1,11 @@
-# This workflow uses actions that are not certified by GitHub.
-# They are provided by a third-party and are governed by
-# separate terms of service, privacy policy, and support
-# documentation.
-#
-# https://github.com/microsoft/action-psscriptanalyzer
-# For more information on PSScriptAnalyzer in general, see
+# PSScriptAnalyzer
+# https://github.com/microsoft/psscriptanalyzer-action
 # https://github.com/PowerShell/PSScriptAnalyzer
 ---
 name: PSScriptAnalyzer
 
 on:
   push:
-    branches: ["main"]
-  pull_request:
-    branches: ["main"]
 
 permissions:
   contents: read
@@ -30,14 +22,14 @@ jobs:
       - uses: actions/checkout@v4
 
       - name: 🕵️‍♂️ Run PSScriptAnalyzer
-        uses: microsoft/psscriptanalyzer-action@6b2948b1944407914a58661c49941824d149734f
+        uses: microsoft/psscriptanalyzer-action@1.1
         with:
-          # Check https://github.com/microsoft/action-psscriptanalyzer for more info about the options.
           # The below set up runs PSScriptAnalyzer to your entire repository and runs some basic security rules.
           path: .\
           recurse: true
           # Include your own basic security rules. Removing this option will run all the rules
           includeRule: '"PSAvoidGlobalAliases", "PSAvoidUsingConvertToSecureStringWithPlainText"'
+          excludeRule: '"PSAvoidLongLines"'
           output: results.sarif
 
       # Upload the SARIF file generated in the previous step
