ci: tolerate conflict comment permission errors

[thepastaclaw]

PR: tolerate conflict comment permission errors

Summary

• upgrade the conflict-prediction sticky-comment action to
  mshick/add-pr-comment@v3
• make both sticky-comment publication/removal steps non-fatal
• keep the existing final Fail if conflicts exist gate authoritative

Closes #7268.

Motivation

Fork/review-triggered predict_conflicts runs can fail with
Resource not accessible by integration while trying to update PR comments,
even when conflict detection itself has already completed. Comment delivery
should be best-effort; actual conflicts should continue to be enforced by the
final gate step.

Validation

• Parsed .github/workflows/predict-conflicts.yml with yaml.safe_load.
• Ran git diff --check upstream/master...HEAD.
• Ran pre-PR code review:
  code-review dashpay/dash upstream/master ci-predict-conflicts-comment-resilience.
  Result: Recommendation: ship.

[thepastaclaw]

@coderabbitai review

[coderabbitai]

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

[github-actions]

✅ No Merge Conflicts Detected

This PR currently has no conflicts with other open PRs.

[thepastaclaw]

✅ Review complete (commit 6948ad3)

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: 488e99cd-88ac-44fe-86e2-a105c2474bbf

📥 Commits

Reviewing files that changed from the base of the PR and between b564a33 and 0849723.

📒 Files selected for processing (1)

• .github/workflows/predict-conflicts.yml

---

Walkthrough

The PR updates the GitHub Actions workflow file to upgrade the mshick/add-pr-comment action from v2 to v3. This version bump is applied to both the workflow steps that post conflict detection comments—one for the case when conflicts are detected and another for when no conflicts are found. The conditional logic, error handling, and message payloads remain unchanged; only the action version changes.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~5 minutes

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately describes the main change: updating the workflow to tolerate permission errors when posting PR comments.
Description check	✅ Passed	The description is clearly related to the changeset, explaining the upgrade to mshick/add-pr-comment@v3 and the motivation for making comment steps non-fatal.
Linked Issues check	✅ Passed	The PR fulfills the linked issue #7268 objective by upgrading to mshick/add-pr-comment@v3 and making comment-update steps non-fatal to tolerate permission errors.
Out of Scope Changes check	✅ Passed	All changes are scoped to the .github/workflows/predict-conflicts.yml file and directly address the linked issue's requirement to guard comment-update steps.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[thepastaclaw]

Code Review

Small, well-scoped CI fix that upgrades the sticky-comment action to mshick/add-pr-comment@v3 and marks comment publication/removal as continue-on-error, while preserving the final 'Fail if conflicts exist' step as the authoritative gate. Verified at 6948ad3: only .github/workflows/predict-conflicts.yml is touched, the conflict enforcement step (line 60-62) remains unchanged, and continue-on-error correctly scopes only to comment-posting failures. No blocking issues; the two nitpicks are pre-existing observations unrelated to this PR's scope.

Reviewed commit: 6948ad3

💬 2 nitpick(s)

1 additional finding

💬 nitpick: 'Remove conflict comment' step overwrites rather than removes

.github/workflows/predict-conflicts.yml (lines 50-59)

Pre-existing behavior, untouched by this PR: the if: ... == 'false' branch calls add-pr-comment with a 'No Merge Conflicts Detected' body rather than removing the prior sticky. Because both steps share message-id: conflict-prediction, the action overwrites the existing sticky comment, so the net visible effect is acceptable. The step name slightly mismatches its behavior. Not in scope; calling out only because the PR description mentions 'removal' semantics.

[thepastaclaw]

💬 Nitpick: Floating @V3 tag for third-party action

Both updated steps reference mshick/add-pr-comment@v3 by floating major-version tag rather than a pinned commit SHA. This matches existing convention in this workflow (actions/checkout@v4, PastaPastaPasta/potential-conflicts-checker-action@v0.1.10), so it is not a regression. Worth noting that the workflow runs with pull-requests: write and is triggered by pull_request_target / pull_request_review, so a compromised tag could in principle act on PRs. Out of scope for this PR; pinning policy would be a cross-workflow change.

_{source: ['claude']}

[thepastaclaw]

/rerun