GitHub Actions: Reduce token permissions #17

	name: Dependabot Auto-merge

	on:
	pull_request:
	branches:
	- main

	concurrency:
	group: ${{ github.workflow }}-${{ github.event.pull_request.number \|\| github.run_id }}
	cancel-in-progress: true

	permissions: {}

	jobs:
	dependabot:
Check failure on line 15 in .github/workflows/dependabot-auto-merge.yml View workflow run for this annotation GitHub Actions / Dependabot Auto-merge Invalid workflow file `The workflow is not valid. .github/workflows/dependabot-auto-merge.yml (Line: 15, Col: 3): Error calling workflow 'typisttech/.github/.github/workflows/dependabot-auto-merge.yml@v2'. The nested job 'auto-merge-pull-request' is requesting 'contents: write, pull-requests: write', but is only allowed 'contents: none, pull-requests: none'.`
	uses: typisttech/.github/.github/workflows/dependabot-auto-merge.yml@v2
	with:
	minor: true
	patch: true

Provide feedback