The licenses script now:- Generates separate license reports per GOOS/GOARCH combination- Groups identical reports together (comma-separated arch names)- Adds a Table of Contents at the top of each platform file- Handles cases where different architectures have different dependencies  (e.g., x/sys/unix vs x/sys/windows, mousetrap on Windows only)This addresses the issue discovered in cli/cli where some deps changedwhich changed the mod graph for different GOARCH and affected theexported licenses because go-licenses tries to find common ancestors.

CopilotAI left a comment

Address review feedback:- Remove bash 4.0+ associative array requirement for macOS compatibility- Add cross-platform hash function (md5sum on Linux, md5 on macOS)- Ensure deterministic iteration order using sorted groups file- Add better error handling for failed go-licenses commands- Fix grammar: 'architecture(s)' -> 'architectures'- Add documentation for third-party/ being a union of all architectures- Use file-based state instead of associative arrays for portability

- Check now regenerates using ./script/licenses and compares- Add GOROOT/PATH setup in CI to fix go-licenses module info errors- Check both license files AND third-party directory for changes- See:google/go-licenses#244

The sort command uses locale-specific ordering which can differ betweensystems. Use LC_ALL=C to ensure consistent ordering in CI and locally.

Changes:- Pin go-licenses version in CI for reproducibility (commit 5348b744)- Add GOROOT/PATH setup for 'Package does not have module info' fix- Update license-check.yml to auto-fix and push to PR branches- Add CI=true env var to use pinned go-licenses version- Add dependabot exclusion from auto-fix workflow- Add code-scanning exclusion for third-party files

After the bot pushes license fixes, check if the PR now only containslicense file changes. If so, close it automatically with a commentexplaining that the license updates are complete.This prevents stale PRs from accumulating when someone creates a PRjust to fix licenses, or when all other changes were already mergedto the base branch.

Creates stacked PRs to fix license issues:- Detects when a PR needs license updates- Creates child PR: main <- PR:feature <- PR:license-fix- Tracks PRs with metadata and hash of license changes- Auto-closes if user fixes licenses manually- Auto-closes and recreates if dependencies change- Prevents multiple fix PRs for same base PRRules:- Only targets PRs against main (not stacked PRs)- Only runs on ready-for-review PRs (not drafts)- Skips bots and forks- Hash-based detection avoids unnecessary work

Dependabot PRs frequently need license updates and can't be merged untilfixed. The auto-fix workflow helps by creating a child PR with thelicense changes, making it easy to merge both together.

- Remove dependabot exclusion (we want to support dependabot PRs)- Comment indentation already fixed- CI env var already set for reproducibility

Moved the 'targets main' check from job if: to workflow on.pull_request.branches.This prevents the workflow from even triggering for PRs targeting other branches,saving CI resources.Draft check is implicit in the types list (opened + ready_for_review).Fork check must stay in if: condition (can't be filtered in on: block).

Combines both workflows into one with two jobs:1. license-check: Checks licenses, fails if needed, sets outputs2. auto-create-fix-pr: Creates child PR if needed (only for non-forks)Benefits:- Single workflow file, easier to maintain- Check fails (blocks merge) while still creating helpful fix PR- Fork detection in first job, second job skips for forks- Hash-based tracking prevents duplicate PRs

Much simpler workflow:1. Always try to auto-commit fix directly to PR branch2. If push fails (fork without permissions), comment once with instructions3. Don't create child PRs - just fix in place or give instructions4. Only comment if not already commented (prevent spam)5. Always fail check if licenses need updatingBenefits:- Much simpler - single job- No child PR management complexity- Clear UX: either fixed or instructed- Works for all PRs (internal/fork/dependabot)