Merge pull request #4111 from Blargian/addendum_approval_improvements_3

Legal: more improvements to approval flow

Author: Blargian

.github/workflows/trademark-cla-approval.yml

@@ -36,6 +36,7 @@ jobs:
           token: ${{ steps.generate-token.outputs.token || secrets.GITHUB_TOKEN }}
 
       - name: Process CLA approval
+        id: process-cla-approval
         uses: actions/github-script@v7
         with:
           github-token: ${{ steps.generate-token.outputs.token || secrets.GITHUB_TOKEN }}
@@ -88,24 +89,15 @@ jobs:
                 pull_number: prNumber
               });
               
-              // Verify the commenter is the PR author and the signature matches
+              // If someone other than PR author is trying to sign, silently ignore
               if (commenter !== pr.user.login) {
-                await github.rest.issues.createComment({
-                  owner: context.repo.owner,
-                  repo: context.repo.repo,
-                  issue_number: prNumber,
-                  body: `@${commenter} Only the PR author (@${pr.user.login}) can sign the CLA for this pull request.`
-                });
+                console.log(`Comment with CLA text from ${commenter} (not PR author ${pr.user.login}), ignoring silently`);
                 return;
               }
               
+              // If PR author is signing but signature doesn't match their username, silently ignore
               if (signatureUser !== commenter) {
-                await github.rest.issues.createComment({
-                  owner: context.repo.owner,
-                  repo: context.repo.repo,
-                  issue_number: prNumber,
-                  body: `@${commenter} The CLA signature must match your username. Please use: \`CLA-SIGNATURE: ${commenter}\``
-                });
+                console.log(`PR author ${commenter} used incorrect signature '${signatureUser}', ignoring silently`);
                 return;
               }
               
@@ -219,6 +211,8 @@ jobs:
             core.setOutput('pr_author', prAuthor);
             core.setOutput('approved_by', approvedBy);
             
+            console.log(`Outputs set - pr_number: ${prNumber}, pr_author: ${prAuthor}, approved_by: ${approvedBy}`);
+            
             // Check if confirmation comment already exists
             const comments = await github.rest.issues.listComments({
               issue_number: prNumber,
@@ -228,7 +222,7 @@ jobs:
             
             const confirmationExists = comments.data.some(comment => 
               (comment.user.login === 'github-actions[bot]' || comment.user.type === 'Bot') && 
-              comment.body.includes('CLA Agreement Confirmed')
+              comment.body.includes('Trademark addendum agreement confirmed ✅')
             );
             
             if (!confirmationExists) {
@@ -239,7 +233,7 @@ jobs:
                 owner: context.repo.owner,
                 repo: context.repo.repo,
                 issue_number: prNumber,
-                body: `## CLA Agreement Confirmed
+                body: `## Trademark license agreement confirmed
             
             The trademark license agreement has been approved for @${prAuthor}.
             

.github/workflows/trademark-cla-notice.yml

@@ -170,7 +170,8 @@ jobs:
             
               if (!existingClaComment && context.eventName === 'pull_request_target') {
                 const claText = '# Trademark License Addendum\n\n' +
-                  'Merging of this pull request is temporarily blocked. Please \n' +
+                  'Merging of this pull request is temporarily blocked as it potentially
+                  'contains a contribution containing a trademark. Please \n' +
                   'read and agree to the Trademark License Addendum below to \n' +
                   'unblock merging of this pull request.\n\n' +
                   '<details>\n' +