From d6480faea6cbe16113d6e0d5a1a8bd931115e71f Mon Sep 17 00:00:00 2001
From: Jamie Wilkinson <jaq@spacepants.org>
Date: Tue, 23 Nov 2021 08:23:26 +1100
Subject: [PATCH] Change permissions for dependabot automerge based on new
 info.

---
 .github/workflows/automerge.yml | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/automerge.yml b/.github/workflows/automerge.yml
index 8e88fbd..e95c0fb 100644
--- a/.github/workflows/automerge.yml
+++ b/.github/workflows/automerge.yml
@@ -18,8 +18,9 @@ jobs:
       # https://github.blog/changelog/2021-02-04-pull-request-auto-merge-is-now-generally-available/
       # which says "can only be enabled by users with permissino to merge"; the
       # REST documentation says you need contents: write to perform a merge.
-      # https://github.community/t/what-permission-does-a-github-action-need-to-call-graphql-enablepullrequestautomerge/197708 says this is it
-      contents: write
+      # https://github.community/t/what-permission-does-a-github-action-need-to-call-graphql-enablepullrequestautomerge/197708 says this is it but also https://github.com/hmarr/auto-approve-action/issues/183 says we need write on PRs
+      #contents: write
+      pull-requests: write
       # auto-approve-action requires write on actions
       actions: write
     steps: