Updating dependabot-approve-merge.yml workflow from template

Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2022-08-05 12:48:46 +00:00
parent 9708e02c65
commit 1d4f70f46b
1 changed files with 6 additions and 0 deletions
--- a/.github/workflows/dependabot-approve-merge.yml
+++ b/.github/workflows/dependabot-approve-merge.yml
@@ -12,10 +12,16 @@ on:
      - master
      - stable*

+permissions:
+  contents: read
+
 jobs:
  auto-approve-merge:
    if: github.actor == 'dependabot[bot]'
    runs-on: ubuntu-latest
+    permissions:
+      # for hmarr/auto-approve-action to approve PRs
+      pull-requests: write 

    steps:
      # Github actions bot approve