Contributor

sgmurphy commented Jun 17, 2025

Summary

Changes

  • Modified comment-pr.ts to handle success cases in on-failure mode by updating existing comments
  • Added hasExistingComment helper function to check for existing dependency review comments
  • Added comprehensive test suite covering all comment modes and scenarios

Test plan

  • All existing tests pass
  • New tests cover all comment modes (always, never, on-failure)
  • Tests verify proper comment creation, updating, and skipping behavior
  • Edge cases handled (non-PR context, multiple comments)

Demo

Live demonstration of the enhanced functionality:

Demo 1: Enhanced on-failure mode behavior

sgmurphy/fictional-garbanzo#1

  • Demonstrates improved comment behavior in on-failure mode
  • Shows comment creation when vulnerabilities are found
  • Shows comment updating (not creating new ones) when vulnerabilities are resolved
  • Prevents comment spam by reusing existing comments

Demo 2: never mode validation

sgmurphy/fictional-garbanzo#2

  • Validates that comment-summary-in-pr: never properly suppresses all comments
  • Even with vulnerabilities present, no PR comments are created
  • Ensures "never" mode works correctly with the enhanced logic

When comment_summary_in_pr is set to 'on-failure', the action now updates
existing comments when issues are resolved in subsequent runs, providing
clear feedback that dependency issues have been fixed.
sgmurphy force-pushed the update-pr-comment branch from fb6f77d to f21eb50 June 17, 2025 20:57
sgmurphy marked this pull request as ready for review June 17, 2025 20:58
sgmurphy requested a review from a team as a code owner June 17, 2025 20:58
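
The comment-mode behaviour described in this PR, modelled as an added example (not code from the pull request or from comment-pr.ts). The names `decideCommentAction`, `findOwnComment`, `MARKER`, `BOT_LOGIN` and the sample thread are assumptions made for illustration, as is the choice to match on author as well as marker and to reuse the newest matching comment.

```typescript
// Hypothetical model of the create/update/skip decision; not the action's own code.
type CommentMode = 'always' | 'never' | 'on-failure'
type Action =
  | {kind: 'skip'; reason: string}
  | {kind: 'create'}
  | {kind: 'update'; commentId: number}

interface PrComment {
  id: number
  author: string
  body: string
}

// Assumed values: a hidden marker tagging the summary comment, and the bot login.
const MARKER = '<!-- dependency-review-summary (constructed marker) -->'
const BOT_LOGIN = 'github-actions[bot]'

// Require author AND marker: anyone who can comment can paste the marker text,
// so the marker alone does not identify the action's own comment.
function findOwnComment(comments: PrComment[]): PrComment | undefined {
  const own = comments.filter(c => c.author === BOT_LOGIN && c.body.includes(MARKER))
  // Several matches (e.g. left by older runs): reuse the newest, never add another.
  return own.sort((a, b) => b.id - a.id)[0]
}

function decideCommentAction(
  mode: CommentMode,
  isPullRequest: boolean,
  hasFailures: boolean,
  comments: PrComment[]
): Action {
  if (mode === 'never') return {kind: 'skip', reason: 'mode is never'}
  if (!isPullRequest) return {kind: 'skip', reason: 'not a pull request context'}
  const own = findOwnComment(comments)
  // on-failure with a clean run: stay silent unless an earlier run left a
  // comment, in which case it is updated to show the issues are resolved.
  if (mode === 'on-failure' && !hasFailures && !own) {
    return {kind: 'skip', reason: 'no failures and no earlier comment'}
  }
  return own ? {kind: 'update', commentId: own.id} : {kind: 'create'}
}

// Constructed sample thread: two bot summaries, a spoofed marker, an unrelated bot comment.
const SAMPLE_THREAD: PrComment[] = [
  {id: 9, author: BOT_LOGIN, body: MARKER + ' older summary'},
  {id: 10, author: BOT_LOGIN, body: MARKER + ' 2 vulnerable packages'},
  {id: 11, author: 'someone-else', body: MARKER + ' pasted marker'},
  {id: 12, author: BOT_LOGIN, body: 'unrelated bot comment'}
]
```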
Contributor Author

sgmurphy commented Aug 2, 2025

Hey @dangoor 👋 , any chance I could get a review 👀 on this?

Development

Successfully merging this pull request may close these issues.

Mark previous PR comment as outdated