Skip to content

Add PSScriptAnalyzer CI validation for all PowerShell scripts#9

Merged
BenjaminMichaelis merged 2 commits into
mainfrom
copilot/validate-powershell-scripts
Mar 3, 2026
Merged

Add PSScriptAnalyzer CI validation for all PowerShell scripts#9
BenjaminMichaelis merged 2 commits into
mainfrom
copilot/validate-powershell-scripts

Conversation

Copy link
Copy Markdown
Contributor

Copilot AI commented Mar 3, 2026
edited
Loading

All 20 .ps1 files in the repo lacked any automated linting or static analysis in CI. Only the git-hooks Pester tests ran, leaving Profile.ps1, install.ps1, and all bucket/ scripts unchecked.

Changes

  • PSScriptAnalyzerSettings.psd1 — Repo-root settings file with 13 curated rule exclusions tuned for personal config/utility scripts (standalone hooks and profiles, not exported module cmdlets). Each exclusion is justified inline, e.g.:

    • PSAvoidUsingInvokeExpression — standard Chocolatey bootstrap and oh-my-posh init patterns
    • PSUseApprovedVerbs / PSUseSingularNouns — private helper functions, not public cmdlets
    • PSAvoidUsingEmptyCatchBlock — intentional resilience in Profile.ps1 (TLS setup, mutex cleanup)

  • .github/workflows/validate-powershell.yml — New workflow that runs Invoke-ScriptAnalyzer -Recurse against the entire repo on any .ps1, settings file, or workflow file change. Fails fast on any finding. Complements test-git-hooks.yml (Pester) without duplicating it.

- name: Run PSScriptAnalyzer on all PowerShell scripts
  shell: pwsh
  run: |
    $results = Invoke-ScriptAnalyzer -Path . -Recurse -Settings PSScriptAnalyzerSettings.psd1
    if ($results) {
      $results | Format-Table -AutoSize
      Write-Error "PSScriptAnalyzer found $($results.Count) issue(s)."
      exit 1
    }

The settings baseline is green on the current codebase; future PRs touching any .ps1 file will be gated against this check.

Original prompt

This section details on the original issue you should resolve

<issue_title>Validate all powershell scripts</issue_title>
<issue_description>Validate all powershell scripts including in CI (github actions) using things like https://github.com/PowerShell/PSScriptAnalyzer to make sure syntax is valid, they are written well, they work and such.</issue_description>

<agent_instructions>Make sure we also run these checks in CI and reduce duplication while increasing coverage of anything in the repo.</agent_instructions>

Comments on the Issue (you are @copilot in this section)

🔒 GitHub Advanced Security automatically protects Copilot coding agent pull requests. You can protect all pull requests by enabling Advanced Security for your repositories. Learn more about Advanced Security.

@BenjaminMichaelis
Add PSScriptAnalyzer validation for all PowerShell scripts in CI
6c198fa 
Co-authored-by: BenjaminMichaelis <22186029+BenjaminMichaelis@users.noreply.github.com>
Copilot AI changed the title [WIP] Validate all PowerShell scripts in CI Add PSScriptAnalyzer CI validation for all PowerShell scripts Mar 3, 2026
@BenjaminMichaelis BenjaminMichaelis marked this pull request as ready for review March 3, 2026 23:08
@BenjaminMichaelis BenjaminMichaelis merged commit 197dc52 into main Mar 3, 2026
2 checks passed
@BenjaminMichaelis BenjaminMichaelis deleted the copilot/validate-powershell-scripts branch March 3, 2026 23:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@BenjaminMichaelis BenjaminMichaelis

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Validate all powershell scripts

2 participants

@BenjaminMichaelis