Updating dependabot-approve-merge.yml workflow from template

Signed-off-by: Nextcloud bot <bot@nextcloud.com>

.github/workflows/dependabot-approve-merge.yml

@@ -7,23 +7,30 @@ name: Dependabot
 
 on:
   pull_request_target:
-     branches:
+    branches:
+      - main
       - master
       - stable*
 
+permissions:
+  contents: read
+
 jobs:
-  auto-merge:
+  auto-approve-merge:
+    if: github.actor == 'dependabot[bot]'
     runs-on: ubuntu-latest
+    permissions:
+      # for hmarr/auto-approve-action to approve PRs
+      pull-requests: write 
+
     steps:
-      # Default github action approve
+      # Github actions bot approve
       - uses: hmarr/auto-approve-action@v2
-        if: github.actor == 'dependabot[bot]' || github.actor == 'dependabot-preview[bot]'
         with:
           github-token: ${{ secrets.GITHUB_TOKEN }}
 
       # Nextcloud bot approve and merge request
       - uses: ahmadnassri/action-dependabot-auto-merge@v2
-        if: github.actor == 'dependabot[bot]' || github.actor == 'dependabot-preview[bot]'
         with:
-          target: patch
+          target: minor
           github-token: ${{ secrets.DEPENDABOT_AUTOMERGE_TOKEN }}