Standardize PowerShell script requirements header block

[WilliamBerryiii]

Summary

Add a standardized requirements header block to all production PowerShell scripts to ensure consistent error handling, PowerShell version requirements, and strict mode enforcement.

Problem

Scripts in scripts/ have inconsistent header configurations:

Script	#Requires -Version	Set-StrictMode	$ErrorActionPreference
linting/Invoke-YamlLint.ps1	✅ Line 31	❌	❌
linting/Markdown-Link-Check.ps1	✅ Line 2	❌	❌
linting/Validate-MarkdownFrontmatter.ps1	✅ Line 13	❌	❌
linting/Invoke-PSScriptAnalyzer.ps1	❌	❌	❌
linting/Invoke-LinkLanguageCheck.ps1	❌	❌	❌
linting/Link-Lang-Check.ps1	❌	❌	❌
security/Test-DependencyPinning.ps1	❌	❌	✅ Line 116
security/Test-SHAStaleness.ps1	❌	❌	❌
security/Update-ActionSHAPinning.ps1	❌	✅ Line 48	✅ Line 49
extension/Package-Extension.ps1	❌	❌	✅ Line 338
extension/Prepare-Extension.ps1	❌	❌	✅ Line 56
lib/Get-VerifiedDownload.ps1	❌	❌	✅ Line 355
dev-tools/Generate-PrReference.ps1	❌	❌	✅ Line 25

This inconsistency causes:

• Variable typos to fail silently without strict mode
• Scripts to behave differently across PowerShell versions
• Inconsistent error propagation in CI pipelines

Scope

In-scope scripts (13 files):

• scripts/linting/*.ps1 (6 files)
• scripts/security/*.ps1 (3 files)
• scripts/extension/*.ps1 (2 files)
• scripts/lib/*.ps1 (1 file)
• scripts/dev-tools/*.ps1 (1 file)

Out-of-scope:

• scripts/tests/**/*.ps1 - Test files follow Pester conventions
• .psm1 module files - Headers not applicable

Solution

Add this standardized header block immediately after the comment-based help block and before the param() block:

#Requires -Version 7.0
Set-StrictMode -Version Latest
$ErrorActionPreference = 'Stop'

Example: Before (Invoke-PSScriptAnalyzer.ps1)

#!/usr/bin/env pwsh
#
# Invoke-PSScriptAnalyzer.ps1
#
# Purpose: Wrapper for PSScriptAnalyzer with GitHub Actions integration
# Author: HVE Core Team
# Created: 2025-11-05

[CmdletBinding()]
param(

Example: After (Invoke-PSScriptAnalyzer.ps1)

#!/usr/bin/env pwsh
#
# Invoke-PSScriptAnalyzer.ps1
#
# Purpose: Wrapper for PSScriptAnalyzer with GitHub Actions integration
# Author: HVE Core Team
# Created: 2025-11-05

#Requires -Version 7.0
Set-StrictMode -Version Latest
$ErrorActionPreference = 'Stop'

[CmdletBinding()]
param(

Implementation Tasks

Files requiring full header addition:

• scripts/linting/Invoke-PSScriptAnalyzer.ps1 - Insert after line 9
• scripts/linting/Invoke-LinkLanguageCheck.ps1 - Insert after line 9
• scripts/linting/Link-Lang-Check.ps1 - Insert after line 44
• scripts/security/Test-SHAStaleness.ps1 - Insert after line 48

Files requiring partial addition:

• scripts/linting/Invoke-YamlLint.ps1 - Has #Requires at line 31; add other two lines
• scripts/linting/Markdown-Link-Check.ps1 - Has #Requires at line 2; add other two lines
• scripts/linting/Validate-MarkdownFrontmatter.ps1 - Has #requires at line 13; add other two lines
• scripts/security/Update-ActionSHAPinning.ps1 - Has lines 48-49; add #Requires before them

Files requiring consolidation (move $ErrorActionPreference to header):

• scripts/security/Test-DependencyPinning.ps1 - Move from line 116
• scripts/extension/Package-Extension.ps1 - Move from line 338
• scripts/extension/Prepare-Extension.ps1 - Move from line 56
• scripts/lib/Get-VerifiedDownload.ps1 - Move from line 355
• scripts/dev-tools/Generate-PrReference.ps1 - Move from line 25

Validation

npm run psscriptanalyzer

Acceptance Criteria

• All 13 in-scope scripts have the standardized header block
• #Requires -Version 7.0 appears before param() in each script
• Set-StrictMode -Version Latest appears immediately after #Requires
• $ErrorActionPreference = 'Stop' appears immediately after Set-StrictMode
• No duplicate $ErrorActionPreference assignments remain in script bodies
• PSScriptAnalyzer passes with no new issues