Extends GH token permissions and uses squash merge

canonical · Mar 12, 2024 · e567ee5 · e567ee5
1 parent 5b7cd39
commit e567ee5
Showing 1 changed file with 2 additions and 1 deletion.
diff --git a/.github/workflows/dependabot_pr.yaml b/.github/workflows/dependabot_pr.yaml
@@ -5,6 +5,7 @@ on:
 
 permissions:
   pull-requests: write
+  contents: write
 
 jobs:
   auto-merge:
@@ -19,7 +20,7 @@ jobs:
      # This step will allow Github to auto-merge the PR if branch protection rules are satisfied.
      # Branch protection rules should require status checks to pass before merging including all required workflows.
       - name: Enable auto-merge
-        run: gh pr merge --auto --merge "$PR_URL"
+        run: gh pr merge --auto --squash "$PR_URL"
         env:
           PR_URL: ${{github.event.pull_request.html_url}}
           GH_TOKEN: ${{secrets.GITHUB_TOKEN}}