chore(ci): skip license bot actions for Dependabot PRs (#5368)

# Description of Changes

### What was changed
- Added explicit conditions to exclude `dependabot[bot]` from:
  - GitHub App bot setup
  - Deleting previous license check comments
  - Posting license check comments on pull requests
- Adjusted the summary step logic so Dependabot PRs are treated like
fork PRs (summary-only, no comments).
- Refactored the generated PR body formatting to use proper multi-line
strings for improved readability.

### Why the change was made
- Dependabot PRs cannot use repository GitHub App credentials, causing
unnecessary failures in bot-related steps.
- Avoids redundant or failing comment actions on automated dependency
update PRs.
- Improves clarity and robustness of the CI workflow when handling
different PR actors.

---

## Checklist

### General

- [ ] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [ ] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md)
(if applicable)
- [ ] I have performed a self-review of my own code
- [ ] My changes generate no new warnings

### Documentation

- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)

### Translations (if applicable)

- [ ] I ran
[`scripts/counter_translation.py`](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/docs/counter_translation.md)

### UI Changes (if applicable)

- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)

### Testing (if applicable)

- [ ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing)
for more details.
This commit is contained in:
Ludy 2025-12-31 19:09:58 +01:00 committed by GitHub
parent 02f9785212
commit 991d158cb8
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 24 additions and 15 deletions


@ -67,6 +67,8 @@ labels:
- 'app/core/src/main/java/stirling/software/SPDF/UI/.*'
- 'app/proprietary/src/main/java/stirling/software/proprietary/security/controller/web/.*'
- 'frontend/**'
- 'frontend/.*'
- 'frontend/**/.*'
- label: 'Tauri'
files:
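Review bot: The `frontend/` entries in this hunk mix two pattern syntaxes: `frontend/**` is glob-style, `frontend/.*` is regex-style like the neighbouring `.../UI/.*` entries, and `frontend/**/.*` combines both. Whichever syntax the labeler evaluates, at least one of the three is probably redundant or not matching as intended, and the commit description does not mention this file. Keeping a single pattern in the syntax the labeler uses, with a one-line comment above the list such as `# files: patterns are matched as <syntax>`, would make the intent checkable. The `- label: 'Tauri'` entry that follows continues outside the hunk.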


@ -60,7 +60,7 @@ jobs:
persist-credentials: false
- name: Setup GitHub App Bot
if: github.event_name == 'push' || (github.event_name == 'pull_request' && github.event.pull_request.head.repo.fork == false)
if: (github.event_name == 'push' || (github.event_name == 'pull_request' && github.event.pull_request.head.repo.fork == false)) && github.actor != 'dependabot[bot]'
id: setup-bot
uses: ./.github/actions/setup-bot
with:
@ -134,7 +134,7 @@ jobs:
# PR Event: Check licenses and comment on PR
- name: Delete previous license check comments
if: github.event_name == 'pull_request' && github.event.pull_request.head.repo.fork == false
if: (github.event_name == 'pull_request' && github.event.pull_request.head.repo.fork == false) && github.actor != 'dependabot[bot]'
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
with:
github-token: ${{ steps.setup-bot.outputs.token }}
@ -167,7 +167,7 @@ jobs:
}
- name: Summarize results (fork PRs)
if: github.event_name == 'pull_request' && github.event.pull_request.head.repo.fork == true
if: (github.event_name == 'pull_request' && github.event.pull_request.head.repo.fork == true) || github.actor == 'dependabot[bot]'
run: |
{
echo "## Frontend License Check"
@ -187,7 +187,7 @@ jobs:
} >> "$GITHUB_STEP_SUMMARY"
- name: Comment on PR - License Check Results
if: github.event_name == 'pull_request' && github.event.pull_request.head.repo.fork == false
if: (github.event_name == 'pull_request' && github.event.pull_request.head.repo.fork == false) && github.actor != 'dependabot[bot]'
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
with:
github-token: ${{ steps.setup-bot.outputs.token }}
@ -208,9 +208,9 @@ jobs:
} catch (e) {
warningDetails = 'Unable to read warning details';
}
commentBody = `## ❌ Frontend License Check Failed
The frontend license check has detected compatibility warnings that require review:
${warningDetails}
@ -220,7 +220,7 @@ jobs:
_This check will fail the PR until license issues are resolved._`;
} else {
commentBody = `## ✅ Frontend License Check Passed
All frontend licenses have been validated and no compatibility warnings were detected.
The frontend license report has been updated successfully.`;
@ -323,7 +323,7 @@ jobs:
persist-credentials: false
- name: Setup GitHub App Bot
if: github.event_name == 'push' || (github.event_name == 'pull_request' && github.event.pull_request.head.repo.fork == false)
if: (github.event_name == 'push' || (github.event_name == 'pull_request' && github.event.pull_request.head.repo.fork == false)) && github.actor != 'dependabot[bot]'
id: setup-bot
uses: ./.github/actions/setup-bot
with:
@ -368,7 +368,7 @@ jobs:
cp build/reports/dependency-license/index.json app/core/src/main/resources/static/3rdPartyLicenses.json
- name: Delete previous backend license check comments
if: github.event_name == 'pull_request' && github.event.pull_request.head.repo.fork == false
if: (github.event_name == 'pull_request' && github.event.pull_request.head.repo.fork == false) && github.actor != 'dependabot[bot]'
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
with:
github-token: ${{ steps.setup-bot.outputs.token }}
@ -398,7 +398,7 @@ jobs:
}
- name: Comment on PR - Backend License Check Results
if: github.event_name == 'pull_request' && github.event.pull_request.head.repo.fork == false
if: (github.event_name == 'pull_request' && github.event.pull_request.head.repo.fork == false) && github.actor != 'dependabot[bot]'
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
with:
github-token: ${{ steps.setup-bot.outputs.token }}
@ -424,7 +424,7 @@ jobs:
let commentBody;
if (hasWarnings) {
commentBody = `## ❌ Backend License Check Failed
The backend license check has detected dependencies with incompatible or unallowed licenses:
${warningDetails || 'See uploaded artifact for details.'}
@ -434,9 +434,9 @@ jobs:
_This check will fail the PR until license issues are resolved._`;
} else {
commentBody = `## ✅ Backend License Check Passed
All backend dependencies have valid and allowed licenses.
The backend license report has been updated successfully.`;
}
@ -464,9 +464,16 @@ jobs:
- name: Prepare PR body (push only)
if: github.event_name == 'push' && env.CHANGES_DETECTED == 'true'
run: |
PR_BODY="Auto-generated by ${{ steps.setup-bot.outputs.app-slug }}[bot]\n\nThis PR updates the backend license report based on dependency changes."
PR_BODY="Auto-generated by ${{ steps.setup-bot.outputs.app-slug }}[bot]
This PR updates the backend license report based on dependency changes."
if [ "${{ env.LICENSE_WARNINGS_EXIST }}" = "true" ]; then
PR_BODY="$PR_BODY\n\n## ⚠️ License Compatibility Warnings\n\nIncompatible licenses detected manual review required before merge."
PR_BODY="$PR_BODY
## ⚠️ License Compatibility Warnings
Incompatible licenses detected manual review required before merge."
fi
echo "PR_BODY<<EOF" >> $GITHUB_ENV
echo "$PR_BODY" >> $GITHUB_ENV
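Review bot: The new `github.actor != 'dependabot[bot]'` term on both "Setup GitHub App Bot" steps also applies to `push` events, while the push-only "Prepare PR body" step still reads `steps.setup-bot.outputs.app-slug` without that guard. The workflow's triggers are outside the visible hunks, but if a push run can ever have Dependabot as its actor, that step and any later consumer of the bot token would run with empty outputs. Scoping the exclusion to the pull-request branch avoids this: `if: github.event_name == 'push' || (github.event_name == 'pull_request' && github.event.pull_request.head.repo.fork == false && github.actor != 'dependabot[bot]')`. The frontend summary condition ends in an unscoped `|| github.actor == 'dependabot[bot]'` and would likewise fire on such a push. Separately, only the frontend job gains a summary fallback in these hunks, so if the backend job has no equivalent step, Dependabot PRs (which are dependency changes) surface backend license findings only through the job status.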