From f99eec3a9052a6bd204136f3fc2d7e876b08b931 Mon Sep 17 00:00:00 2001
From: "John Paul E. Balandan, CPA" <paulbalandan@gmail.com>
Date: Mon, 21 Nov 2022 21:10:00 +0800
Subject: [PATCH] Set correct permissions for dependabot auto-merge

---
 .github/workflows/automerge-dependabot.yml | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/.github/workflows/automerge-dependabot.yml b/.github/workflows/automerge-dependabot.yml
index d5c1717..5055203 100644
--- a/.github/workflows/automerge-dependabot.yml
+++ b/.github/workflows/automerge-dependabot.yml
@@ -2,20 +2,20 @@ name: Auto-Merge Dependabot Updates
 
 on:
   pull_request:
-    types:
-      - opened
-      - synchronize
+
+permissions:
+  pull-requests: write
 
 jobs:
   automerge:
     name: Enable Auto-Merge for Dependabot
-    if: github.event.pull_request.user.login == 'dependabot[bot]'
+    if: github.event.pull_request.user.login == 'dependabot[bot]' && github.actor == 'dependabot[bot]'
     runs-on: ubuntu-22.04
 
     steps:
       - name: Enable auto-merge
         uses: peter-evans/enable-pull-request-automerge@v2
         with:
-          token: ${{ secrets.ACCESS_TOKEN }}
+          token: ${{ secrets.GITHUB_TOKEN }}
           pull-request-number: ${{ github.event.pull_request.number }}
           merge-method: squash