diff --git a/.github/workflows/pr-test-lint.yml b/.github/workflows/pr-test-lint.yml
index 1804d6f3..0fb942c7 100644
--- a/.github/workflows/pr-test-lint.yml
+++ b/.github/workflows/pr-test-lint.yml
@@ -88,7 +88,7 @@ jobs:
           name: test-results
           path: report.xml
 
-  go-auto-approve:
+  go-auto-approve-dependabot:
     runs-on: ubuntu-latest
     needs: [go-test, go-bench, golangci-lint, go-mod]
     # For now, we auto approve and merge:
@@ -96,9 +96,7 @@ jobs:
     # - cnquery update PRs
     # because we have tests for this in place.
     # https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/evaluate-expressions-in-workflows-and-actions#startswith
-    if: |
-      (startsWith(github.ref, 'refs/heads/dependabot/go_modules') && github.actor == 'dependabot[bot]') ||
-      (startsWith(github.ref, 'refs/heads/version/cnquery_update_v') && github.event.commits[0].author.username == 'mondoo-tools')
+    if: startsWith(github.ref, 'refs/heads/dependabot/go_modules') && github.actor == 'dependabot[bot]'
     permissions:
       contents: write
       pull-requests: write
@@ -115,6 +113,33 @@ jobs:
         with:
           pr-number: ${{ steps.pr.outputs.number }}
 
+  go-auto-approve-mondoo:
+    runs-on: ubuntu-latest
+    needs: [go-test, go-bench, golangci-lint, go-mod]
+    # For now, we auto approve and merge:
+    # - go dep PRs
+    # - cnquery update PRs
+    # because we have tests for this in place.
+    # https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/evaluate-expressions-in-workflows-and-actions#startswith
+    if: startsWith(github.ref, 'refs/heads/version/cnquery_update_v') && github.event.commits[0].author.username == 'mondoo-tools'
+    permissions:
+      contents: write
+      pull-requests: write
+    steps:
+      # figure out the PR for this commit
+      - uses: cloudposse-github-actions/get-pr@v2.0.0
+        id: pr
+        with:
+          github-token: "${{ secrets.GITHUB_TOKEN }}"
+          filterOutClosed: true
+          filterOutDraft: true
+      - name: Approve and merge a PR
+        run: |
+          gh pr review ${{ steps.pr.outputs.number }} --approve
+          gh pr merge ${{ steps.pr.outputs.number }} --squash --merge
+        env:
+          GH_TOKEN: ${{secrets.GITHUB_TOKEN}}
+
   event_file:
     name: "Store event file"
     runs-on: ubuntu-latest