From 9eb019ae56caea5c6d1aa3bd02e67e26536c422b Mon Sep 17 00:00:00 2001
From: Kynan Ware <47394200+BagToad@users.noreply.github.com>
Date: Thu, 6 Nov 2025 11:56:52 -0700
Subject: [PATCH 1/3] Integrate license checks back into lint workflow

Reverts https://github.com/cli/cli/pull/11370
---
 .github/workflows/lint.yml                 | 16 +++++++
 .github/workflows/third-party-licenses.yml | 52 ----------------------
 2 files changed, 16 insertions(+), 52 deletions(-)
 delete mode 100644 .github/workflows/third-party-licenses.yml

diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
index 1d0ac6b55c5..cb7e3319cd6 100644
--- a/.github/workflows/lint.yml
+++ b/.github/workflows/lint.yml
@@ -7,11 +7,15 @@ on:
       - "**.go"
       - go.mod
       - go.sum
+      - ".github/licenses.tmpl"
+      - "script/licenses*"
   pull_request:
     paths:
       - "**.go"
       - go.mod
       - go.sum
+      - ".github/licenses.tmpl"
+      - "script/licenses*"
 permissions:
   contents: read
 jobs:
@@ -46,6 +50,18 @@ jobs:
         with:
           version: v2.6.0
 
+      # actions/setup-go does not setup the installed toolchain to be preferred over the system install,
+      # which causes go-licenses to raise "Package ... does not have module info" errors.
+      # for more information, https://github.com/google/go-licenses/issues/244#issuecomment-1885098633
+      #
+      # go-licenses has been pinned for automation use.
+      - name: Check licenses
+        run: |
+          export GOROOT=$(go env GOROOT)
+          export PATH=${GOROOT}/bin:$PATH
+          go install github.com/google/go-licenses@5348b744d0983d85713295ea08a20cca1654a45e
+          make licenses-check
+
   # Discover vulnerabilities within Go standard libraries used to build GitHub CLI using govulncheck.
   govulncheck:
     runs-on: ubuntu-latest
diff --git a/.github/workflows/third-party-licenses.yml b/.github/workflows/third-party-licenses.yml
deleted file mode 100644
index 0a9c8d32ed7..00000000000
--- a/.github/workflows/third-party-licenses.yml
+++ /dev/null
@@ -1,52 +0,0 @@
-name: Third Party Licenses
-on:
-  push:
-    branches:
-      - trunk
-    paths:
-      - .github/licenses.tmpl
-      - .github/workflows/third-party-licenses.yml
-      - go.mod
-      - go.sum
-      - script/licenses*
-jobs:
-  # This job is responsible for updating the third-party license reports and source code.
-  # It should be safe to cancel as the latest version of `go.mod` should be checked in.
-  regenerate-licenses:
-    runs-on: ubuntu-latest
-    concurrency:
-      group: ${{ github.workflow }}
-      cancel-in-progress: true
-    permissions:
-      contents: write
-    steps:
-      - name: Check out code
-        uses: actions/checkout@v5
-        with:
-          ref: trunk
-
-      - name: Set up Go
-        uses: actions/setup-go@v6
-        with:
-          go-version-file: 'go.mod'
-
-      - name: Regenerate licenses
-        run: |
-          export GOROOT=$(go env GOROOT)
-          export PATH=${GOROOT}/bin:$PATH
-          go install github.com/google/go-licenses@5348b744d0983d85713295ea08a20cca1654a45e
-          make licenses
-          git diff
-
-      - name: Commit and push changes
-        run: |
-          if git diff --exit-code; then
-            echo "No third-party license changes to commit"
-          else
-            git config --local user.name "github-actions[bot]"
-            git config --local user.email "41898282+github-actions[bot]@users.noreply.github.com"
-            git add third-party third-party-licenses.*.md
-            git commit -m "Generate licenses - $GITHUB_SHA"
-            git pull
-            git push origin
-          fi

From b917c4cd5080a94af4aab43a137cb14accd6a0b4 Mon Sep 17 00:00:00 2001
From: Kynan Ware <47394200+BagToad@users.noreply.github.com>
Date: Fri, 7 Nov 2025 09:27:40 -0700
Subject: [PATCH 2/3] Annotate go-licenses install with version tag

Added a comment specifying the installed go-licenses commit corresponds to v2.0.1 for clarity in the lint workflow.
---
 .github/workflows/lint.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
index cb7e3319cd6..ec57c22f47f 100644
--- a/.github/workflows/lint.yml
+++ b/.github/workflows/lint.yml
@@ -59,7 +59,7 @@ jobs:
         run: |
           export GOROOT=$(go env GOROOT)
           export PATH=${GOROOT}/bin:$PATH
-          go install github.com/google/go-licenses@5348b744d0983d85713295ea08a20cca1654a45e
+          go install github.com/google/go-licenses@5348b744d0983d85713295ea08a20cca1654a45e # v2.0.1
           make licenses-check
 
   # Discover vulnerabilities within Go standard libraries used to build GitHub CLI using govulncheck.

From cc178cf5e457eab47fcb823a9099ea5d4313876c Mon Sep 17 00:00:00 2001
From: Kynan Ware <47394200+BagToad@users.noreply.github.com>
Date: Fri, 7 Nov 2025 09:31:36 -0700
Subject: [PATCH 3/3] Update .github/workflows/lint.yml

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
---
 .github/workflows/lint.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
index ec57c22f47f..f796a1677c6 100644
--- a/.github/workflows/lint.yml
+++ b/.github/workflows/lint.yml
@@ -52,7 +52,7 @@ jobs:
 
       # actions/setup-go does not setup the installed toolchain to be preferred over the system install,
       # which causes go-licenses to raise "Package ... does not have module info" errors.
-      # for more information, https://github.com/google/go-licenses/issues/244#issuecomment-1885098633
+      # For more information, https://github.com/google/go-licenses/issues/244#issuecomment-1885098633
       #
       # go-licenses has been pinned for automation use.
       - name: Check licenses