fix: auto-merge workflow permissions and PR detection

[dacrab]

Fixes auto-merge workflow failures:

• Removed check_suite trigger (doesn't have PR context)
• Changed to pull_request trigger only
• Added required permissions: contents: write and pull-requests: write
• Fixed PR reference to use PR number instead of URL
• Use GH_TOKEN and GH_REPO env vars for gh CLI

This will allow dependabot PRs to auto-merge when CI passes.

Summary by CodeRabbit

No user-facing changes to report. This PR contains only internal infrastructure improvements to the GitHub Actions workflow for automated dependency management, with no impact on end-user functionality.

[coderabbitai]

📝 Walkthrough

Walkthrough

Modified the Dependabot auto-merge workflow to trigger on standard pull_request events rather than pull_request_target, updated merge command to use gh CLI with event PR number, added explicit workflow permissions, and adjusted environment variables.

Changes

Cohort / File(s)	Summary
GitHub Actions Workflow .github/workflows/auto-merge-dependabot.yml	Changed trigger from pull_request_target to pull_request with specific event filters. Updated merge logic to use gh pr merge with event PR number instead of URL variable. Added workflow permissions (contents, pull-requests) and replaced PR_URL/GITHUB_TOKEN with GH_TOKEN/GH_REPO environment variables.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

Poem

🐰 With whiskers held high and a code review done,
We've changed how the bots merge—what clever fun!
From target to pull, the events align,
With gh CLI leading, the merge flows divine! ✨

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title clearly and concisely describes the main changes: fixing workflow permissions and improving PR detection in the auto-merge workflow.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch fix/auto-merge-workflow

---

No actionable comments were generated in the recent review. 🎉

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}