github: give dependabot auto-merge action permission to update PR

Hopefully this is the last bit I was missing to get this to work :)

.github/workflows/dependabot.yml

@@ -8,6 +8,8 @@ permissions: read-all
 jobs:
   dependabot-auto-merge:
     name: 'Dependabot auto-merge'
+    permissions:
+      pull-requests: write
     runs-on: ubuntu-latest
     if: ${{ github.actor == 'dependabot[bot]' }}
     steps: