Fix dependabot auto-merge (#245)

`fastify/github-action-merge-dependabot` filters out PRs triggered not by `pull_request` event. After creating a ticket to the action repo, developers answered me that probably there is no need to use `pull_request_target`: fastify/github-action-merge-dependabot#474 (review). And it seems we don't: the workflow is targeted on dependabot PRs only, which are internal (not from forked repos), so for the `pull_request` event the workflow will have all required write permissions.
miroapp · Sep 7, 2023 · c51f1c0 · c51f1c0
1 parent 6c2438a
commit c51f1c0
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/.github/workflows/dependabot-auto-merge.yml b/.github/workflows/dependabot-auto-merge.yml
@@ -1,5 +1,5 @@
 name: Dependabot
-on: pull_request_target
+on: pull_request
 
 permissions:
   pull-requests: write