From cb5dc20a4a542d0647d95e0f1e615bd08a16a6a0 Mon Sep 17 00:00:00 2001
From: Frazer Smith <frazer.dev@outlook.com>
Date: Fri, 29 Apr 2022 09:55:32 +0000
Subject: [PATCH] ci: bump github actions; reduce job permissions to minimum

---
 .github/workflows/ci.yml | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index e384c34..6538591 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -11,6 +11,9 @@ on:
 jobs:
   test:
     runs-on: ${{ matrix.os }}
+    
+    permissions:
+      contents: read
 
     strategy:
       matrix:
@@ -54,7 +57,10 @@ jobs:
   automerge:
     needs: test
     runs-on: ubuntu-latest
+    permissions:
+      pull-requests: write
+      contents: write
     steps:
-      - uses: fastify/github-action-merge-dependabot@v2.7.1
+      - uses: fastify/github-action-merge-dependabot@v3
         with:
           github-token: ${{ secrets.GITHUB_TOKEN }}