ci(deps): bump the all group with 3 updates

[dependabot]

Bumps the all group with 3 updates: actions/create-github-app-token, marocchino/sticky-pull-request-comment and rojopolis/spellcheck-github-actions.

Updates actions/create-github-app-token from 2.2.1 to 3.0.0

Release notes

Sourced from actions/create-github-app-token's releases.

v3.0.0

3.0.0 (2026-03-14)

• feat!: node 24 support (#275) (2e564a0)
• fix!: require NODE_USE_ENV_PROXY for proxy support (#342) (4451bcb)

Bug Fixes

• remove custom proxy handling (#143) (dce0ab0)

BREAKING CHANGES

• Custom proxy handling has been removed. If you use HTTP_PROXY or HTTPS_PROXY, you must now also set NODE_USE_ENV_PROXY=1 on the action step.
• Requires Actions Runner v2.327.1 or later if you are using a self-hosted runner.

v3.0.0-beta.6

3.0.0-beta.6 (2026-03-13)

Bug Fixes

• deps: bump @​actions/core from 1.11.1 to 3.0.0 (#337) (b044133)
• deps: bump minimatch from 9.0.5 to 9.0.9 (#335) (5cbc656)
• deps: bump the production-dependencies group with 4 updates (#336) (6bda5bc)
• deps: bump undici from 7.16.0 to 7.18.2 (#323) (b4f638f)

v3.0.0-beta.5

3.0.0-beta.5 (2026-03-13)

• fix!: require NODE_USE_ENV_PROXY for proxy support (#342) (d53a1cd)

BREAKING CHANGES

• Custom proxy handling has been removed. If you use HTTP_PROXY or HTTPS_PROXY, you must now also set NODE_USE_ENV_PROXY=1 on the action step.

v3.0.0-beta.4

3.0.0-beta.4 (2026-03-13)

Bug Fixes

• deps: bump @​octokit/auth-app from 7.2.1 to 8.0.1 (#257) (bef1eaf)
• deps: bump @​octokit/request from 9.2.3 to 10.0.2 (#256) (5d7307b)
• deps: bump glob from 10.4.5 to 10.5.0 (#305) (5480f43)
• deps: bump p-retry from 6.2.1 to 7.1.0 (#294) (dce3be8)

... (truncated)

Commits

• f8d387b build(release): 3.0.0 [skip ci]
• d2129bd style: remove extra blank line in release workflow
• 77b94ef build: refresh generated artifacts
• 3ab4c66 chore: move undici to devDependencies
• 739cf66 docs: update README action versions
• db40289 build(deps): bump actions versions in test.yml
• 496a7ac test: migrate from AVA to Node.js native test runner (#346)
• 3870dc3 Rename end-to-end proxy job in test workflow
• 4451bcb fix!: require NODE_USE_ENV_PROXY for proxy support (#342)
• dce0ab0 fix: remove custom proxy handling (#143)
• Additional commits viewable in compare view

Updates marocchino/sticky-pull-request-comment from 2.9.4 to 3.0.2

Release notes

Sourced from marocchino/sticky-pull-request-comment's releases.

v3.0.2

What's Changed

• Add comprehensive tests for main.ts covering all branches by @​Copilot in marocchino/sticky-pull-request-comment#1660
• Don't create a comment with hide: true by @​marocchino in marocchino/sticky-pull-request-comment#1661

Full Changelog: marocchino/sticky-pull-request-comment@v3.0.1...v3.0.2

v3.0.1

What's Changed

• Update deps
• Change build system from ncc to rollup
• Use pull_request trigger in github action

Full Changelog: marocchino/sticky-pull-request-comment@v3.0.0...v3.0.1

v3.0.0

What's Changed

• Update node to 24
• Update deps

New Contributors

Full Changelog: marocchino/sticky-pull-request-comment@v2.9.4...v3.0.0

Commits

• 70d2764 📦️ Build
• 308b2fd Don't create a comment with hide: true (#1661)
• 3bbec31 Add comprehensive tests for main.ts covering all branches (#1660)
• aaf6178 🔖 Version bump (#1658)
• 7d67ef6 👷 Use pull_request
• 1ed3d7b ⬆️ Update deps
• 46a16ec build(deps-dev): Bump @​types/node from 24.5.2 to 25.0.3 (#1646)
• 0a36b9e build(deps): Bump @​actions/core from 1.11.1 to 2.0.2 (#1649)
• 74297c9 build(deps-dev): Bump @​vercel/ncc from 0.38.3 to 0.38.4 (#1592)
• e736d73 📦️ Build
• Additional commits viewable in compare view

Updates rojopolis/spellcheck-github-actions from 0.59.0 to 0.60.0

Release notes

Sourced from rojopolis/spellcheck-github-actions's releases.

0.60.0

What's Changed

• Bump rojopolis/spellcheck-github-actions from 0.58.0 to 0.59.0 by @​dependabot[bot] in rojopolis/spellcheck-github-actions#327
• Bump actions/upload-artifact from 6.0.0 to 7.0.0 by @​dependabot[bot] in rojopolis/spellcheck-github-actions#326
• Bump docker/metadata-action from 5.10.0 to 6.0.0 by @​dependabot[bot] in rojopolis/spellcheck-github-actions#332
• Bump docker/login-action from 3.7.0 to 4.0.0 by @​dependabot[bot] in rojopolis/spellcheck-github-actions#333
• Bump docker/setup-buildx-action from 3.12.0 to 4.0.0 by @​dependabot[bot] in rojopolis/spellcheck-github-actions#329
• Bump docker/build-push-action from 6.19.2 to 7.0.0 by @​dependabot[bot] in rojopolis/spellcheck-github-actions#330
• Bump docker/setup-qemu-action from 3.7.0 to 4.0.0 by @​dependabot[bot] in rojopolis/spellcheck-github-actions#331
• Bump python from 486b809 to 6a27522 by @​dependabot[bot] in rojopolis/spellcheck-github-actions#325
• More correct error message, issue #328 by @​jonasbn in rojopolis/spellcheck-github-actions#334
• Preparing release 0.60.0 by @​jonasbn in rojopolis/spellcheck-github-actions#335

Full Changelog: rojopolis/spellcheck-github-actions@0.59.0...0.60.0

Changelog

Sourced from rojopolis/spellcheck-github-actions's changelog.

Change Log for spellcheck-github-actions

0.60, 2026-03-14, minor feature release, update not required

• Docker based image updated for Python 3.14.3 slim trixie via PR #325 from Dependabot.

• Cleaned up the error messaging, to address issue #328 from @​akohout-hai, the error message is now more correct, but not improved in general

0.59.0, 2026-03-02, feature release, update recommended

• Improvements have been added to the docker entrypoint, based on a PR from @​akohout-hai which fixes an issue with handling of spaces in files names and directories, see PR #322 for details. This is his first contribution to the project and I want to thank him for his contribution, which is highly appreciated.

• Docker based image updated to Python 3.14.3 slim trixie via PR #320 from Dependabot.

0.58.0, 2026-01-20, security release, update not required

• A minor security issue in the dependency: pymdown-extensions, which is used by the core component PySpelling
  • GHSA-r6h4-mm7h-8pmq
  • Original issue: facelessuser/pymdown-extensions#2716

0.57.0, 2026-01-14, maintenance release, update not required

• Docker based image updated to Python 3.14.2 slim trixie via PR #310 from Dependabot. The version is the same, the image has had updates.

0.56.0, 2025-12-27, feature and maintenance release, update not required

• Support for Portuguese (Portugal and Brazil) for both Hunspell and Aspell, requested by: @​mdiazgoncalves via issue #298
• Docker image updated to Python 3.14.2 trixie slim Release notes for Python 3.14.2

0.55.0, 2025-11-27, maintenance release, update not required

• Via an issue #293 from @​shoverbj, an update to the core component PySpelling from version 2.12.0 to version 2.12.1 was made, this allows for use of large dictionaries with Aspell

0.54.0, 2025-11-05, feature release, update not required

• PySpelling the core component has been updated to version 2.12.0, which introduces support for maximum available cores. The feature is described in the release notes for PySpelling 2.12.0. See the documentation for PySpelling.

• The flag was introduced with release 2.10 of PySpelling, which was adopted in release 0.36.0 of this action.

0.53.0, 2025-10-25, maintenance release, update not required

• Docker image updated to Python 3.14.0 trixie slim Release notes for Python 3.14.0, this originated from the PR mentioned below, however updated to Trixie from Bookworm and as always the slim variant is used

• Bumped the requirement for cython to 3.0.11 or above, addressing a build issue with lxml, located when testing the PR : #274 from @​dependabot, the above update of Python

• In general the Docker build file had a few updates since the above changes required some tweaking of the Dockerfile

  • Order of installation of dependencies adjusted to ensure that lxml can build correctly
  • Installation of:
    • build-essential
    • pkg-config

... (truncated)

Commits

• e3cd8e9 Merge pull request #335 from rojopolis/release_candidate_0.60.0
• 1d3820d Preparing release 0.60.0
• bafc7d3 More correct error message, issue #328 (#334)
• df486cb Added update of Docker base image
• 6d6eb52 Bump python from 486b809 to 6a27522 (#325)
• 631e4a7 Bump docker/setup-qemu-action from 3.7.0 to 4.0.0 (#331)
• ebefb9d Bump docker/build-push-action from 6.19.2 to 7.0.0 (#330)
• b3b2580 Bump docker/setup-buildx-action from 3.12.0 to 4.0.0 (#329)
• dc29b58 Bump docker/login-action from 3.7.0 to 4.0.0 (#333)
• 5d55413 Bump docker/metadata-action from 5.10.0 to 6.0.0 (#332)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

Static Web App Preview

Environment	Deployment
pr81	View workflow run

Deployed from commit d11518303caf7cf864710211fcc2f864b425fee5 via the publisher workflow.