Skip to content

chore(deps): bump marocchino/sticky-pull-request-comment from 2 to 3#57

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/marocchino/sticky-pull-request-comment-3
Closed

chore(deps): bump marocchino/sticky-pull-request-comment from 2 to 3#57
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/marocchino/sticky-pull-request-comment-3

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Mar 13, 2026

Copy link
Copy Markdown
Contributor

Bumps marocchino/sticky-pull-request-comment from 2 to 3.

Release notes

Sourced from marocchino/sticky-pull-request-comment's releases.

v3.0.0

What's Changed

  • Update node to 24
  • Update deps

New Contributors

Full Changelog: marocchino/sticky-pull-request-comment@v2.9.4...v3.0.0

v2.9.4

What's Changed

Full Changelog: marocchino/sticky-pull-request-comment@v2.9.3...v2.9.4

v2.9.3

What's Changed

  • Update deps (including security issues)
  • Test with vitest instead of jest
  • Use biome

Full Changelog: marocchino/sticky-pull-request-comment@v2.9.2...v2.9.3

v2.9.2

What's Changed

Full Changelog: marocchino/sticky-pull-request-comment@v2.9.1...v2.9.2

v2.9.1

What's Changed

... (truncated)

Commits
  • 447031a 📦️ Build
  • 43666c8 Merge pull request #1654 from marocchino/copilot/update-node-version-to-24
  • 110692e Update README.md: replace all @​v2 references with @​v3
  • 02d678b Upgrade to Node 24 and bump major version to 3.0.0
  • 05fffd2 Initial plan
  • a8dcf29 Merge pull request #1631 from marocchino/dependabot/github_actions/actions/ch...
  • 65d04ad build(deps): Bump actions/checkout from 5 to 6
  • 5060d47 Merge pull request #1622 from marocchino/dependabot/npm_and_yarn/biomejs/biom...
  • 6c08a17 build(deps-dev): Bump @​biomejs/biome from 2.2.4 to 2.3.4
  • fd19551 Merge pull request #1585 from marocchino/dependabot/npm_and_yarn/vite-7.1.5
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
chore(deps): bump marocchino/sticky-pull-request-comment from 2 to 3
3009a84 
Bumps [marocchino/sticky-pull-request-comment](https://github.com/marocchino/sticky-pull-request-comment) from 2 to 3.
- [Release notes](https://github.com/marocchino/sticky-pull-request-comment/releases)
- [Commits](marocchino/sticky-pull-request-comment@v2...v3)

---
updated-dependencies:
- dependency-name: marocchino/sticky-pull-request-comment
  dependency-version: '3'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added 📦 Dependencies Pull requests that update a dependency file 🚀 CI/CD Continuous integration and deployment labels Mar 13, 2026
@dependabot dependabot Bot requested a review from Proskynete as a code owner March 13, 2026 07:08
@dependabot dependabot Bot added 🚀 CI/CD Continuous integration and deployment 📦 Dependencies Pull requests that update a dependency file labels Mar 13, 2026
@github-actions

github-actions Bot commented Mar 13, 2026

Copy link
Copy Markdown

Dependency Review

The following issues were found:
  • ✅ 0 vulnerable package(s)
  • ✅ 0 package(s) with incompatible licenses
  • ✅ 0 package(s) with invalid SPDX license definitions
  • ⚠️ 1 package(s) with unknown licenses.
See the Details below.

License Issues

.github/workflows/lint-pr-title.yml

PackageVersionLicenseIssue Type
marocchino/sticky-pull-request-comment3.*.*NullUnknown License

OpenSSF Scorecard

PackageVersionScoreDetails
actions/marocchino/sticky-pull-request-comment 3.*.* 🟢 4.1
Details
CheckScoreReason
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Packaging⚠️ -1packaging workflow not detected
Binary-Artifacts🟢 10no binaries found in the repo
Code-Review⚠️ -1Found no human activity in the last 15 changesets
Maintained⚠️ 00 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Token-Permissions🟢 9detected GitHub workflow tokens with excessive permissions
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Security-Policy⚠️ 0security policy file not detected
Fuzzing⚠️ 0project is not fuzzed
License🟢 10license file detected
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
Signed-Releases⚠️ -1no releases found
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0

Scanned Files

  • .github/workflows/lint-pr-title.yml

@github-actions github-actions Bot added the 🤩 size/xs Extra small PR (0-10 lines) label Mar 13, 2026
@github-actions

github-actions Bot commented Mar 13, 2026

Copy link
Copy Markdown

🐳 Docker Image Size Comparison

Branch Size
Base (main) 396MB
PR (dependabot/github_actions/marocchino/sticky-pull-request-comment-3) 396MB

💡 Tip: Keep image size small using multi-stage builds and .dockerignore

@github-actions

github-actions Bot commented Apr 13, 2026

Copy link
Copy Markdown

This PR is stale because it has been open 30 days with no activity.
Remove the stale label or comment, or this will be closed in 5 days.

@github-actions github-actions Bot added the stale Inactive for 30+ days label Apr 13, 2026
@github-actions

github-actions Bot commented Apr 19, 2026

Copy link
Copy Markdown

This PR was closed because it has been inactive for 5 days since being marked as stale.

@github-actions github-actions Bot closed this Apr 19, 2026
@dependabot @github

dependabot Bot commented on behalf of github Apr 19, 2026

Copy link
Copy Markdown
Contributor Author

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@dependabot dependabot Bot deleted the dependabot/github_actions/marocchino/sticky-pull-request-comment-3 branch April 19, 2026 02:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Proskynete Proskynete Awaiting requested review from Proskynete Proskynete is a code owner

Assignees

No one assigned

Labels

🚀 CI/CD Continuous integration and deployment 📦 Dependencies Pull requests that update a dependency file 🤩 size/xs Extra small PR (0-10 lines) stale Inactive for 30+ days

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants