Updating dependabot-approve-merge.yml workflow from template

Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2022-08-05 12:51:52 +00:00
parent 5dedf7bec3
commit 6c556263c6
1 changed files with 7 additions and 0 deletions
--- a/.github/workflows/dependabot-approve-merge.yml
+++ b/.github/workflows/dependabot-approve-merge.yml
@@ -8,13 +8,20 @@ name: Dependabot
 on:
  pull_request_target:
    branches:
+      - main
      - master
      - stable*

+permissions:
+  contents: read
+
 jobs:
  auto-approve-merge:
    if: github.actor == 'dependabot[bot]'
    runs-on: ubuntu-latest
+    permissions:
+      # for hmarr/auto-approve-action to approve PRs
+      pull-requests: write 

    steps:
      # Github actions bot approve