From 5e9a41977983c3eee838839493a5655291fecffa Mon Sep 17 00:00:00 2001
From: Kevin Yang <5478483+k-yang@users.noreply.github.com>
Date: Wed, 15 Nov 2023 17:03:18 -0500
Subject: [PATCH] ci: fix changelog-deps workflow

---
 .github/workflows/changelog-deps.yml | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/changelog-deps.yml b/.github/workflows/changelog-deps.yml
index 4e20a6d04..e6e829b17 100644
--- a/.github/workflows/changelog-deps.yml
+++ b/.github/workflows/changelog-deps.yml
@@ -7,6 +7,10 @@ jobs:
   changelog-update:
     runs-on: ubuntu-latest
 
+    permissions:
+      # Give the default GITHUB_TOKEN write permission to commit and push the changed files back to the repository.
+      contents: write
+
     # TODO: feat: try to use author of the commit(s) to see if it's dependabot
     # ${{ any(contains(commit.author.username, 'dependabot') for commit in github.event.commits) }}
     if: contains(github.event.pull_request.labels.*.name, 'dependabot')
@@ -14,7 +18,6 @@ jobs:
     steps:
       - uses: actions/checkout@v4
         with:
-          token: ${{ secrets.NIBIBOT_GIT_TOKEN }}
           # to avoid checking out the repo in a detached state
           ref: ${{ github.head_ref }}
       # Helps keep your repository up-to-date when Dependabot updates your dependencies.