From 991d158cb88ebdea136c9870713652001b21ac2a Mon Sep 17 00:00:00 2001 
From: Ludy Date: Wed, 31 Dec 2025 19:09:58 +0100 Subject: [PATCH] chore(ci): skip license bot actions for Dependabot PRs (#5368) # Description of Changes ### What was changed - Added explicit conditions to exclude `dependabot[bot]` from: - GitHub App bot setup - Deleting previous license check comments - Posting license check comments on pull requests - Adjusted the summary step logic so Dependabot PRs are treated like fork PRs (summary-only, no comments). - Refactored the generated PR body formatting to use proper multi-line strings for improved readability. ### Why the change was made - Dependabot PRs cannot use repository GitHub App credentials, causing unnecessary failures in bot-related steps. - Avoids redundant or failing comment actions on automated dependency update PRs. - Improves clarity and robustness of the CI workflow when handling different PR actors. --- ## Checklist ### General - [ ] I have read the [Contribution Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md) - [ ] I have read the [Stirling-PDF Developer Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md) (if applicable) - [ ] I have read the [How to add new languages to Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md) (if applicable) - [ ] I have performed a self-review of my own code - [ ] My changes generate no new warnings ### Documentation - [ ] I have updated relevant docs on [Stirling-PDF's doc repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/) (if functionality has heavily changed) - [ ] I have read the section [Add New Translation Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags) (for new translation tags only) ### Translations (if applicable) - [ ] I ran 
[`scripts/counter_translation.py`](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/docs/counter_translation.md) ### UI Changes (if applicable) - [ ] Screenshots or videos demonstrating the UI changes are attached (e.g., as comments or direct attachments in the PR) ### Testing (if applicable) - [ ] I have tested my changes locally. Refer to the [Testing Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing) for more details. --- .github/labeler-config-srvaroa.yml | 2 + .../frontend-backend-licenses-update.yml | 37 +++++++++++-------- 2 files changed, 24 insertions(+), 15 deletions(-) diff --git a/.github/labeler-config-srvaroa.yml b/.github/labeler-config-srvaroa.yml index ab370b6e2..177a35f06 100644 --- a/.github/labeler-config-srvaroa.yml +++ b/.github/labeler-config-srvaroa.yml @@ -67,6 +67,8 @@ labels: - 'app/core/src/main/java/stirling/software/SPDF/UI/.*' - 'app/proprietary/src/main/java/stirling/software/proprietary/security/controller/web/.*' - 'frontend/**' + - 'frontend/.*' + - 'frontend/**/.*' - label: 'Tauri' files: diff --git a/.github/workflows/frontend-backend-licenses-update.yml b/.github/workflows/frontend-backend-licenses-update.yml index 2e6b84b03..511dbd53a 100644 --- a/.github/workflows/frontend-backend-licenses-update.yml +++ b/.github/workflows/frontend-backend-licenses-update.yml @@ -60,7 +60,7 @@ jobs: persist-credentials: false - name: Setup GitHub App Bot - if: github.event_name == 'push' || (github.event_name == 'pull_request' && github.event.pull_request.head.repo.fork == false) + if: (github.event_name == 'push' || (github.event_name == 'pull_request' && github.event.pull_request.head.repo.fork == false)) && github.actor != 'dependabot[bot]' id: setup-bot uses: ./.github/actions/setup-bot with: 
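Review bot: The added `'frontend/**/.*'` entry mixes glob and regex syntax and looks redundant next to `'frontend/.*'`. The neighbouring entries in this list (`.../SPDF/UI/.*`, `.../security/controller/web/.*`) are written as regular expressions; if the labeler compiles `files` entries that way, `.*` already matches nested paths and `**` is a repeated quantifier that a regex engine may reject. I would add only `- 'frontend/.*'`, and drop the older `'frontend/**'` line in the same change if it never matched. The `labels:` list starts and ends outside the hunk.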
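Review bot: The new `&& github.actor != 'dependabot[bot]'` on `Setup GitHub App Bot` wraps the whole expression, so it also skips bot setup on `push` runs, while the `Prepare PR body (push only)` step further down still reads `steps.setup-bot.outputs.app-slug`. Whether Dependabot can be the actor of a push that triggers this workflow depends on the `on:` filters, which are not visible here. Scoping the exclusion to the pull-request branch avoids an empty output in that case: `if: github.event_name == 'push' || (github.event_name == 'pull_request' && github.event.pull_request.head.repo.fork == false && github.actor != 'dependabot[bot]')`. The same condition is repeated for the second job in the hunk at line 323. A comment above it, such as `# Dependabot-triggered runs cannot use the GitHub App credentials`, would record why the actor is checked.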
@@ -134,7 +134,7 @@ jobs: # PR Event: Check licenses and comment on PR - name: Delete previous license check comments - if: github.event_name == 'pull_request' && github.event.pull_request.head.repo.fork == false + if: (github.event_name == 'pull_request' && github.event.pull_request.head.repo.fork == false) && github.actor != 'dependabot[bot]' uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 with: github-token: ${{ steps.setup-bot.outputs.token }} @@ -167,7 +167,7 @@ jobs: } - name: Summarize results (fork PRs) - if: github.event_name == 'pull_request' && github.event.pull_request.head.repo.fork == true + if: (github.event_name == 'pull_request' && github.event.pull_request.head.repo.fork == true) || github.actor == 'dependabot[bot]' run: | { echo "## Frontend License Check" @@ -187,7 +187,7 @@ jobs: } >> "$GITHUB_STEP_SUMMARY" - name: Comment on PR - License Check Results - if: github.event_name == 'pull_request' && github.event.pull_request.head.repo.fork == false + if: (github.event_name == 'pull_request' && github.event.pull_request.head.repo.fork == false) && github.actor != 'dependabot[bot]' uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 with: github-token: ${{ steps.setup-bot.outputs.token }} @@ -208,9 +208,9 @@ jobs: } catch (e) { warningDetails = 'Unable to read warning details'; } - + commentBody = `## ❌ Frontend License Check Failed - + The frontend license check has detected compatibility warnings that require review: ${warningDetails} @@ -220,7 +220,7 @@ jobs: _This check will fail the PR until license issues are resolved._`; } else { commentBody = `## ✅ Frontend License Check Passed - + All frontend licenses have been validated and no compatibility warnings were detected. The frontend license report has been updated successfully.`; 
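Review bot: The added `|| github.actor == 'dependabot[bot]'` in the `Summarize results (fork PRs)` condition is not tied to `pull_request`, so the step now runs for any event Dependabot triggers. The comment steps in the hunks at lines 134 and 187 keep the event check, so the conditions are no longer exact complements. Grouping it as `if: github.event_name == 'pull_request' && (github.event.pull_request.head.repo.fork == true || github.actor == 'dependabot[bot]')` restores that. The step name still says fork PRs only; `Summarize results (fork and Dependabot PRs)` would match the new behaviour. The step's `run:` block continues past the hunk.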
@@ -323,7 +323,7 @@ jobs: persist-credentials: false - name: Setup GitHub App Bot - if: github.event_name == 'push' || (github.event_name == 'pull_request' && github.event.pull_request.head.repo.fork == false) + if: (github.event_name == 'push' || (github.event_name == 'pull_request' && github.event.pull_request.head.repo.fork == false)) && github.actor != 'dependabot[bot]' id: setup-bot uses: ./.github/actions/setup-bot with: @@ -368,7 +368,7 @@ jobs: cp build/reports/dependency-license/index.json app/core/src/main/resources/static/3rdPartyLicenses.json - name: Delete previous backend license check comments - if: github.event_name == 'pull_request' && github.event.pull_request.head.repo.fork == false + if: (github.event_name == 'pull_request' && github.event.pull_request.head.repo.fork == false) && github.actor != 'dependabot[bot]' uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 with: github-token: ${{ steps.setup-bot.outputs.token }} @@ -398,7 +398,7 @@ jobs: } - name: Comment on PR - Backend License Check Results - if: github.event_name == 'pull_request' && github.event.pull_request.head.repo.fork == false + if: (github.event_name == 'pull_request' && github.event.pull_request.head.repo.fork == false) && github.actor != 'dependabot[bot]' uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 with: github-token: ${{ steps.setup-bot.outputs.token }} @@ -424,7 +424,7 @@ jobs: let commentBody; if (hasWarnings) { commentBody = `## ❌ Backend License Check Failed - + The backend license check has detected dependencies with incompatible or unallowed licenses: ${warningDetails || 'See uploaded artifact for details.'} @@ -434,9 +434,9 @@ jobs: _This check will fail the PR until license issues are resolved._`; } else { commentBody = `## ✅ Backend License Check Passed - + All backend dependencies have valid and allowed licenses. - + The backend license report has been updated successfully.`; } 
@@ -464,9 +464,16 @@ jobs: - name: Prepare PR body (push only) if: github.event_name == 'push' && env.CHANGES_DETECTED == 'true' run: | - PR_BODY="Auto-generated by ${{ steps.setup-bot.outputs.app-slug }}[bot]\n\nThis PR updates the backend license report based on dependency changes." + PR_BODY="Auto-generated by ${{ steps.setup-bot.outputs.app-slug }}[bot] + + This PR updates the backend license report based on dependency changes." + if [ "${{ env.LICENSE_WARNINGS_EXIST }}" = "true" ]; then - PR_BODY="$PR_BODY\n\n## ⚠️ License Compatibility Warnings\n\nIncompatible licenses detected – manual review required before merge." + PR_BODY="$PR_BODY + + ## ⚠️ License Compatibility Warnings + + Incompatible licenses detected – manual review required before merge." fi echo "PR_BODY<> $GITHUB_ENV echo "$PR_BODY" >> $GITHUB_ENV
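Review bot: The rewritten `PR_BODY=` assignment still expands `${{ steps.setup-bot.outputs.app-slug }}` into the script text before bash parses it, so the value is interpreted as shell inside the double quotes rather than treated as data. The slug comes from the repository's own setup-bot action, so the exposure is probably low, but the usual hardening is to pass it through the step's environment: add `env:` with `APP_SLUG: ${{ steps.setup-bot.outputs.app-slug }}` and write `PR_BODY="Auto-generated by ${APP_SLUG}[bot]`. The unchanged test on `${{ env.LICENSE_WARNINGS_EXIST }}` could read `"$LICENSE_WARNINGS_EXIST"` for the same reason, and `$GITHUB_ENV` should be quoted. The line that closes the multi-line `GITHUB_ENV` value lies outside the hunk.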