From 4e1c83ec9cc60a546e1fbe1f33ef2c528c533d7e Mon Sep 17 00:00:00 2001
From: dacrab <vaggeliskavouras6@gmail.com>
Date: Tue, 10 Feb 2026 17:55:32 +0200
Subject: [PATCH] fix: auto-merge workflow permissions and PR detection

---
 .github/workflows/auto-merge-dependabot.yml | 15 ++++++++-------
 1 file changed, 8 insertions(+), 7 deletions(-)

diff --git a/.github/workflows/auto-merge-dependabot.yml b/.github/workflows/auto-merge-dependabot.yml
index 41ff873..2c8a493 100644
--- a/.github/workflows/auto-merge-dependabot.yml
+++ b/.github/workflows/auto-merge-dependabot.yml
@@ -1,10 +1,12 @@
 name: Auto-merge dependabot PRs
 
 on:
-  pull_request_target:
+  pull_request:
     types: [opened, synchronize, reopened, ready_for_review]
-  check_suite:
-    types: [completed]
+
+permissions:
+  contents: write
+  pull-requests: write
 
 jobs:
   auto-merge:
@@ -13,8 +15,7 @@ jobs:
     
     steps:
       - name: Enable auto-merge for dependabot PRs
-        run: |
-          gh pr merge --auto --squash --delete-branch "$PR_URL"
+        run: gh pr merge --auto --squash --delete-branch "${{ github.event.pull_request.number }}"
         env:
-          PR_URL: ${{ github.event.pull_request.html_url }}
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          GH_REPO: ${{ github.repository }}