@MariusStorhaug MariusStorhaug commented Jan 22, 2026

Improves dependency management by configuring Dependabot to check daily while preventing excessive update noise through a 7-day cooldown period. This ensures timely security updates while reducing PR churn.

  • Related to PSModule workflow standardization

Dependabot configuration

Changed the update schedule from weekly to daily with a 7-day cooldown period. This provides faster detection of security vulnerabilities while avoiding duplicate PRs for the same dependency within a week.

schedule:
  interval: daily
cooldown:
  default-days: 7

Release configuration cleanup

Removed the deprecated .github/release.yml file as release notes are now managed through the Auto-Release action's automated process.

Action pinning

Pinned all GitHub Actions to specific commit SHAs for improved security and reproducibility:

  • actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd (v6.0.2)
  • super-linter/super-linter@d5b0a2ab116623730dd094f15ddc1b6b25bf7b99 (v8.3.2)
  • PSModule/Auto-Release@eabd533035e2cb9822160f26f2eda584bd012356 (v1.9.5)
  • PSModule/GitHub-Script@2010983167dc7a41bcd84cb88e698ec18eccb7ca (v1.7.8)
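
An added example, not part of the pull request or the PSModule code: a small Python check that flags `uses:` lines not pinned to a full commit SHA, or pinned without a version comment. The function name `audit_uses` and the sample workflow layout are assumptions; the action refs are taken from the list above.

```python
import re

# Matches a workflow step's `uses:` value and an optional trailing comment.
USES_RE = re.compile(r"^\s*(?:-\s*)?uses:\s*([^\s#]+)\s*(?:#\s*(.*))?$")
FULL_SHA_RE = re.compile(r"^[0-9a-f]{40}$")


def audit_uses(workflow_text):
    """Return (line_no, action, ref, problem) for each weakly pinned `uses:` line."""
    findings = []
    for line_no, line in enumerate(workflow_text.splitlines(), start=1):
        match = USES_RE.match(line)
        if not match:
            continue
        target = match.group(1).strip("'\"")
        comment = (match.group(2) or "").strip()
        # Local actions and container images are not git refs; skip them.
        if target.startswith(("./", "docker://")):
            continue
        action, _, ref = target.partition("@")
        if not FULL_SHA_RE.match(ref):
            # Tags and branches (v6, latest, main) can be moved by the upstream repo.
            findings.append((line_no, action, ref, "mutable ref"))
        elif not comment:
            # A bare SHA is immutable but tells a reviewer nothing about the release.
            findings.append((line_no, action, ref, "no version comment"))
    return findings


# Constructed sample input: the refs come from the PR; the step layout is assumed,
# and the version comment on the last step is dropped on purpose.
SAMPLE_WORKFLOW = """\
steps:
  - name: Checkout repo
    uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
    with:
      fetch-depth: 0
  - name: Lint code base
    uses: super-linter/super-linter@latest
  - name: Local helper
    uses: ./.github/actions/helper
  - name: Release
    uses: PSModule/Auto-Release@eabd533035e2cb9822160f26f2eda584bd012356
"""

if __name__ == "__main__":
    for line_no, action, ref, problem in audit_uses(SAMPLE_WORKFLOW):
        print(f"line {line_no}: {action}@{ref or '<none>'}: {problem}")
```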

@MariusStorhaug MariusStorhaug requested a review from a team as a code owner January 22, 2026 18:18
Copilot AI review requested due to automatic review settings January 22, 2026 18:18

Copilot AI left a comment

Pull request overview

This PR aims to configure Dependabot to check for updates daily with a 7-day cooldown period. However, the PR includes additional undocumented changes to workflow files and deletion of the release configuration file.

Changes:

  • Modified Dependabot configuration to use daily interval instead of weekly
  • Added a cooldown configuration (which is not a valid Dependabot feature)
  • Updated GitHub Actions in workflow files to use commit SHA pinning
  • Deleted the .github/release.yml configuration file

Reviewed changes

Copilot reviewed 5 out of 5 changed files in this pull request and generated 2 comments.

File | Description
.github/dependabot.yml | Changed schedule from weekly to daily and attempted to add cooldown configuration
.github/workflows/Linter.yml | Updated actions/checkout and super-linter to specific commit SHAs with version comments
.github/workflows/Auto-Release.yml | Updated actions/checkout and PSModule/Auto-Release to specific commit SHAs with version comments
.github/workflows/Action-Test.yml | Updated actions/checkout to specific commit SHA with version comment
.github/release.yml | Deleted entire release notes configuration file

Comments suppressed due to low confidence (1)

.github/release.yml:1

  • The deletion of the release.yml configuration file is not mentioned in the PR description and appears unrelated to the stated purpose of configuring Dependabot. This file configures automatically generated release notes for GitHub releases. Removing it may affect how release notes are generated for this repository. If this deletion is intentional, it should be documented in the PR description with justification.

Comment on lines +15 to +16
cooldown:
default-days: 7
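
Review bot: Nothing beside `default-days: 7` at +16 says what the seven days are counted from or which updates they hold back, and the description's "timely security updates" depends on that. Add a one-line YAML comment above `cooldown:` stating the intended effect, and confirm in the file that `default-days` is indented under `cooldown:`, since the two keys render at the same level here.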

Copilot AI Jan 22, 2026

The 'cooldown' configuration option does not exist in Dependabot's configuration schema. As of the latest documentation, Dependabot does not support a 'cooldown' or 'default-days' option. This configuration will either be ignored or cause the Dependabot configuration to fail validation. If you want to delay updates after a release, you would need to implement this logic externally or use other Dependabot features like 'open-pull-requests-limit' to control update frequency.

Suggested change
cooldown:
default-days: 7

Comment on lines +22 to +27
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
fetch-depth: 0

- name: Lint code base
uses: super-linter/super-linter@latest
uses: super-linter/super-linter@d5b0a2ab116623730dd094f15ddc1b6b25bf7b99 # v8.3.2
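
Review bot: The trailing `# v6.0.2` and `# v8.3.2` comments are the only link between each 40-character SHA and a release, and nothing in these lines verifies it. Before merging, confirm each SHA is the commit the named tag points to in the upstream repository, because a wrong comment would survive review unnoticed; the same check applies to the pins in the other workflow files.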

Copilot AI Jan 22, 2026

The workflow file updates (pinning actions to commit SHAs with version comments) are not mentioned in the PR description. While these changes follow security best practices by pinning to specific commits, they appear to be unrelated to the stated purpose of "configuring Dependabot for daily schedule with 7-day cooldown." These changes should be documented in the PR description or moved to a separate PR for clarity.

@MariusStorhaug MariusStorhaug changed the title 🩹 Configure Dependabot for daily schedule with 7-day cooldown 🩹[Patch] Configure Dependabot for daily schedule with 7-day cooldown Jan 22, 2026
@MariusStorhaug MariusStorhaug changed the title 🩹[Patch] Configure Dependabot for daily schedule with 7-day cooldown 🩹[Patch]: Configure Dependabot for daily schedule with 7-day cooldown Jan 22, 2026
@MariusStorhaug MariusStorhaug changed the title 🩹[Patch]: Configure Dependabot for daily schedule with 7-day cooldown 🩹 [Patch] Configure Dependabot for daily schedule with 7-day cooldown Jan 22, 2026
@MariusStorhaug MariusStorhaug changed the title 🩹 [Patch] Configure Dependabot for daily schedule with 7-day cooldown 🩹[Patch]: Configure Dependabot for daily schedule with 7-day cooldown Jan 22, 2026
@MariusStorhaug MariusStorhaug self-assigned this Jan 22, 2026