From fdd594f66cfa3c0350c25ec3972eb97195d8290a Mon Sep 17 00:00:00 2001
From: William Brawner <me@wbrawner.com>
Date: Wed, 27 Mar 2024 21:55:37 -0600
Subject: [PATCH] Fix permissions and run conditions on workflows

---
 .github/workflows/auto-merge.yml | 15 +++++++++------
 .github/workflows/test.yml       |  4 ++++
 2 files changed, 13 insertions(+), 6 deletions(-)

diff --git a/.github/workflows/auto-merge.yml b/.github/workflows/auto-merge.yml
index b2ab7c1..755164b 100644
--- a/.github/workflows/auto-merge.yml
+++ b/.github/workflows/auto-merge.yml
@@ -1,16 +1,19 @@
 name: Enable Auto Merge
-on: pull_request
-
-permissions:
-  contents: write
-  pull-requests: write
+on:
+  pull_request_target:
+    types:
+      - opened
+      - reopened
+      - edited
+    branches:
+      - main
 
 jobs:
   auto-merge:
     runs-on: ubuntu-latest
     if: ${{ github.actor == 'wbrawner' || github.actor == 'dependabot[bot]' }}
     steps:
-      - name: Enable auto-merge for Dependabot PRs
+      - name: Enable auto-merge
         run: gh pr merge --auto --rebase "$PR_URL"
         env:
           PR_URL: ${{github.event.pull_request.html_url}}
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index f8a9bed..38d916e 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -3,6 +3,10 @@ name: Test
 on:
   pull_request:
 
+permissions:
+  statuses: write
+  checks: write
+
 jobs:
   validate:
     runs-on: ubuntu-latest