CI: Allow the GitHub Actions bot to make release PRs

[Sidnioulz]

What I did

Allowed GitHub Actions Bot to bypass the PR branch check.

Checklist for Contributors

Testing

ø

Manual testing

ø (needs to be merged to test it)

Summary by CodeRabbit

• Chores
  • Updated pull request validation to allow automated bot-generated PRs (e.g., GitHub Actions) to bypass target-branch and manual-testing checks.
  • Extended skip conditions to include bot authors alongside existing owner/member exemptions.
  • No changes to public/exported signatures or external behavior.

[nx-cloud]

View your CI Pipeline Execution ↗ for commit 4ad2760

Command	Status	Duration	Result
nx run-many -t compile -c production --parallel=1	✅ Succeeded	5m 31s	View ↗

---

☁️ Nx Cloud last updated this comment at 2026-03-16 09:32:17 UTC

[nx-cloud]

View your CI Pipeline Execution ↗ for commit 8c7472f

---

☁️ Nx Cloud last updated this comment at 2026-03-09 12:35:10 UTC

[coderabbitai]

📝 Walkthrough

Walkthrough

Extends Danger script bypasses so pull requests authored by the GitHub Actions bot (github-actions[bot], type Bot) are exempted from the manual-testing section check and the target-branch validation, in addition to existing OWNER/MEMBER exemptions. Also includes small manifest edits.

Changes

Cohort / File(s)	Summary
Danger checks (bot bypass) scripts/dangerfile.js	In checkManualTestingSection and checkTargetBranch, introduces/uses a local author variable and extends the skip conditions to bypass checks when the PR author is the GitHub Actions bot (author.login === 'github-actions[bot]' && author.type === 'Bot').
Manifest package.json	Small changes recorded (lines added/removed); no exported/public signatures altered.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

Possibly related PRs

• CI: Make missing manual testing section a CI failure #33345: Modifies the same bot-bypass logic in Danger checks, affecting checkManualTestingSection behavior.
• Danger: Fail/warn when PR targets wrong base branch #34007: Edits scripts/dangerfile.js and specifically changes branch-target/bot author handling, overlapping with these changes.

✨ Finishing Touches

• 📝 Generate docstrings (stacked PR)
• 📝 Generate docstrings (commit on current branch)

📝 Coding Plan

• Generate coding plan for human review comments

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@scripts/dangerfile.js`:
- Around line 150-157: The code incorrectly reads danger.github.pr.author into
the variable author causing undefined for contributor PRs; update the assignment
to use danger.github.pr.user instead and ensure subsequent checks that reference
author (and authorAssociation) still work (the conditional that checks
['OWNER','MEMBER'].includes(authorAssociation) and the bot check that uses
author.login and author.type should operate on the new author variable). Locate
the author/authorAssociation initialization and replace the source for author
from pr.author to pr.user so the bot/type access no longer throws a TypeError.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: d1e979b3-df2b-4cae-9806-6dc9d392707f

📥 Commits

Reviewing files that changed from the base of the PR and between 0096e34 and 8c7472f.

📒 Files selected for processing (1)

• scripts/dangerfile.js

[coderabbitai]

🧹 Nitpick comments (1)

scripts/dangerfile.js (1)

107-111: Clarify the comment to match the actual logic.

The comment "(but never for agent bots)" is confusing—the condition explicitly allows github-actions[bot] (which is a bot) to bypass. The term "agent bots" is also ambiguous.

Consider a clearer comment:

✏️ Suggested comment clarification

-  // Bypass check for OWNER, MEMBER roles (but never for agent bots)
+  // Bypass check for human OWNER/MEMBER or the GitHub Actions release bot

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@scripts/dangerfile.js` around lines 107 - 111, Update the misleading comment
above the bypass condition to reflect the actual logic: it allows users with
authorAssociation 'OWNER' or 'MEMBER' if author.type !== 'Bot', but explicitly
also allows the specific bot with author.login === 'github-actions[bot]'.
Replace "but never for agent bots" with a clear phrase such as "except bots,
with an explicit exception for the github-actions[bot] account" and reference
the condition variables authorAssociation, author.type, and author.login so the
comment unambiguously matches the if statement logic.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In `@scripts/dangerfile.js`:
- Around line 107-111: Update the misleading comment above the bypass condition
to reflect the actual logic: it allows users with authorAssociation 'OWNER' or
'MEMBER' if author.type !== 'Bot', but explicitly also allows the specific bot
with author.login === 'github-actions[bot]'. Replace "but never for agent bots"
with a clear phrase such as "except bots, with an explicit exception for the
github-actions[bot] account" and reference the condition variables
authorAssociation, author.type, and author.login so the comment unambiguously
matches the if statement logic.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 840a5e42-584c-45f0-b1ee-250221e23303

📥 Commits

Reviewing files that changed from the base of the PR and between 2530244 and 39288d9.

📒 Files selected for processing (1)

• scripts/dangerfile.js