From 314145ecbc08b5d0191fd18ce1a918b16848c494 Mon Sep 17 00:00:00 2001
From: Timea <4144203+timea-solid@users.noreply.github.com>
Date: Wed, 11 Feb 2026 16:22:27 +0100
Subject: [PATCH] Add permissions for Dependabot in CI workflow

part of https://github.com/SolidOS/solidos/issues/231#issuecomment-3884115449
---
 .github/workflows/ci.yml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index d61948e9..13ef7a1c 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -44,6 +44,9 @@ jobs:
     needs: build # After the E2E and build jobs, if one of them fails, it won't merge the PR.
     runs-on: ubuntu-latest
     if: ${{ github.actor == 'dependabot[bot]' && github.event_name == 'pull_request'}} # Detect that the PR author is dependabot
+    permissions:
+      contents: write
+      pull-requests: write
     steps:
       - name: Enable auto-merge for Dependabot PRs
         run: gh pr merge --auto --merge "$PR_URL" # Use Github CLI to merge automatically the PR