You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Test-DependencyPinning.ps1 and SecurityClasses.psm1 use two different timestamp formats: Get-Date -Format "o" (local offset) and a fake UTC format 'yyyy-MM-ddTHH:mm:ss.fffZ' in the ComplianceReport class. Replace both with Get-StandardTimestamp from CIHelpers.psm1 for consistent ISO 8601 UTC timestamps across all log outputs.
Current Behavior
Test-DependencyPinning.ps1 generates timestamps using Get-Date -Format "o", which includes the local timezone offset.
SecurityClasses.psm1 ComplianceReport uses format string 'yyyy-MM-ddTHH:mm:ss.fffZ' which appends a literal Z without actually converting to UTC — producing a misleading "fake UTC" timestamp.
Expected Behavior
Both files use Get-StandardTimestamp from CIHelpers.psm1, producing genuine UTC timestamps ending in Z.
Root Cause
The scripts were developed independently and chose their own timestamp formats before a shared utility existed. The ComplianceReport format is particularly problematic because it appears to be UTC but is not.
Files Requiring Changes
File
Change
scripts/security/Test-DependencyPinning.ps1
Replace Get-Date -Format "o" with Get-StandardTimestamp
scripts/security/Modules/SecurityClasses.psm1
Replace fake UTC format in ComplianceReport with Get-StandardTimestamp
Select Task Researcher from the agent picker at the bottom of the GitHub Copilot Chat prompt pane, then send the following prompt:
Research timestamp standardization in Test-DependencyPinning.ps1 and SecurityClasses.psm1. Investigate: (1) Read both files and find all timestamp usages (exact line numbers). (2) Verify Get-StandardTimestamp is available in CIHelpers.psm1 (from Issue #993). (3) Determine whether each file already imports CIHelpers.psm1 or needs an import added. (4) In SecurityClasses.psm1, understand how ComplianceReport constructs its timestamp and whether the class constructor or a method sets it. (5) Check existing Pester tests for timestamp-related assertions that may need updating. (6) Identify any callers that depend on the current timestamp format.
Phase 2: Plan
Select Task Planner from the agent picker at the bottom of the GitHub Copilot Chat prompt pane, then send the following prompt:
Plan timestamp standardization for Test-DependencyPinning.ps1 and SecurityClasses.psm1 using the research document. The plan should cover: (1) Replacing all timestamp expressions with Get-StandardTimestamp calls in both files. (2) Importing CIHelpers.psm1 if not already imported. (3) Updating Pester tests to verify the new timestamp format. (4) Special attention to the SecurityClasses ComplianceReport class — ensure the fake UTC format is replaced with genuine UTC. (5) Validation: npm run test:ps, npm run lint:ps.
Phase 3: Implement
Select Task Implementor from the agent picker at the bottom of the GitHub Copilot Chat prompt pane, then send the following prompt:
Implement timestamp standardization for Test-DependencyPinning.ps1 and SecurityClasses.psm1 following the plan. Steps: (1) Replace Get-Date -Format "o" in Test-DependencyPinning.ps1 with Get-StandardTimestamp. (2) Replace fake UTC format in SecurityClasses.psm1 ComplianceReport with Get-StandardTimestamp. (3) Add CIHelpers.psm1 import if needed in both files. (4) Update Pester test assertions for timestamp format. (5) Run npm run lint:ps and npm run test:ps. (6) Run the security validation npm command and verify the JSON output contains standardized UTC ISO 8601 timestamps.
Phase 4: Review
Select Task Reviewer from the agent picker at the bottom of the GitHub Copilot Chat prompt pane, then send the following prompt:
Review timestamp standardization for Test-DependencyPinning.ps1 and SecurityClasses.psm1. Verify: (1) All local and fake UTC timestamp expressions are replaced with Get-StandardTimestamp. (2) CIHelpers.psm1 is imported in both files. (3) JSON output timestamps are genuine ISO 8601 UTC ending in Z. (4) The ComplianceReport no longer uses the misleading fake UTC format. (5) No other logic was changed. (6) Pester tests updated and passing. (7) npm run lint:ps clean.
Summary
Test-DependencyPinning.ps1andSecurityClasses.psm1use two different timestamp formats:Get-Date -Format "o"(local offset) and a fake UTC format'yyyy-MM-ddTHH:mm:ss.fffZ'in the ComplianceReport class. Replace both withGet-StandardTimestampfrom CIHelpers.psm1 for consistent ISO 8601 UTC timestamps across all log outputs.Current Behavior
Test-DependencyPinning.ps1generates timestamps usingGet-Date -Format "o", which includes the local timezone offset.SecurityClasses.psm1ComplianceReport uses format string'yyyy-MM-ddTHH:mm:ss.fffZ'which appends a literalZwithout actually converting to UTC — producing a misleading "fake UTC" timestamp.Expected Behavior
Both files use
Get-StandardTimestampfrom CIHelpers.psm1, producing genuine UTC timestamps ending inZ.Root Cause
The scripts were developed independently and chose their own timestamp formats before a shared utility existed. The ComplianceReport format is particularly problematic because it appears to be UTC but is not.
Files Requiring Changes
scripts/security/Test-DependencyPinning.ps1Get-Date -Format "o"withGet-StandardTimestampscripts/security/Modules/SecurityClasses.psm1Get-StandardTimestampFix Guidance
Get-StandardTimestampis available (requires Issue Add Get-StandardTimestamp utility to CIHelpers module #993 merged first).Test-DependencyPinning.ps1: findGet-Date -Format "o"and replace withGet-StandardTimestamp.SecurityClasses.psm1: find the ComplianceReport timestamp line using format'yyyy-MM-ddTHH:mm:ss.fffZ'and replace withGet-StandardTimestamp.Depends on: #993 (Get-StandardTimestamp utility)
RPI Framework Starter Prompts
Phase 1: Research
Select Task Researcher from the agent picker at the bottom of the GitHub Copilot Chat prompt pane, then send the following prompt:
Phase 2: Plan
Select Task Planner from the agent picker at the bottom of the GitHub Copilot Chat prompt pane, then send the following prompt:
Phase 3: Implement
Select Task Implementor from the agent picker at the bottom of the GitHub Copilot Chat prompt pane, then send the following prompt:
Phase 4: Review
Select Task Reviewer from the agent picker at the bottom of the GitHub Copilot Chat prompt pane, then send the following prompt:
References
scripts/security/Test-DependencyPinning.ps1— target scriptscripts/security/Modules/SecurityClasses.psm1— target module (ComplianceReport class)scripts/lib/Modules/CIHelpers.psm1—Get-StandardTimestampsource