From 6aaac1542eb6a9763898e145c55e2f608bc796a3 Mon Sep 17 00:00:00 2001
From: Larry-Osakwe <larryosak@gmail.com>
Date: Thu, 30 Apr 2026 14:20:44 -0700
Subject: [PATCH] fix(ci): grant pull-requests: write to bump-packages caller
 (ACC-237 follow-up)

PR #110 added pull-requests: write to bump-package.yml so the new
auto-merge-PR flow can call gh pr create. The calling workflow
main.yml only granted contents: write, so the called workflow could
not request the new permission. GitHub fails workflow validation in
that case rather than silently dropping the permission.

Adds pull-requests: write to the bump-packages job in main.yml so the
called bump-package.yml inherits both write scopes.
---
 .github/workflows/main.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index 17e94a9..1f6a56d 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -49,6 +49,7 @@ jobs:
     needs: detect-changes
     permissions:
       contents: write
+      pull-requests: write
     strategy:
       matrix:
         package: ${{ fromJson(needs.detect-changes.outputs.changed-packages) }}