From e7c3973ce5a065f46d55322806278f327d42c4f8 Mon Sep 17 00:00:00 2001
From: Luke Karrys <luke@lukekarrys.com>
Date: Sat, 9 Apr 2022 13:36:15 -0700
Subject: [PATCH] chore: postinstall for dependabot template-oss PR

---
 .github/workflows/audit.yml           | 2 +-
 .github/workflows/ci.yml              | 4 ++--
 .github/workflows/post-dependabot.yml | 7 +++----
 package.json                          | 2 +-
 4 files changed, 7 insertions(+), 8 deletions(-)

diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml
index 549243ae..03dcd937 100644
--- a/.github/workflows/audit.yml
+++ b/.github/workflows/audit.yml
@@ -23,5 +23,5 @@ jobs:
       - name: Update npm to latest
         run: npm i --prefer-online --no-fund --no-audit -g npm@latest
       - run: npm -v
-      - run: npm i --ignore-scripts --package-lock
+      - run: npm i --ignore-scripts --no-audit --no-fund --package-lock
       - run: npm audit
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 5c5c5df3..538e46a0 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -30,7 +30,7 @@ jobs:
       - name: Update npm to latest
         run: npm i --prefer-online --no-fund --no-audit -g npm@latest
       - run: npm -v
-      - run: npm i --ignore-scripts
+      - run: npm i --ignore-scripts --no-audit --no-fund
       - run: npm run lint
 
   test:
@@ -81,5 +81,5 @@ jobs:
         if: ${{ !startsWith(matrix.node-version, '10.') }}
         run: npm i --prefer-online --no-fund --no-audit -g npm@latest
       - run: npm -v
-      - run: npm i --ignore-scripts
+      - run: npm i --ignore-scripts --no-audit --no-fund
       - run: npm test --ignore-scripts
diff --git a/.github/workflows/post-dependabot.yml b/.github/workflows/post-dependabot.yml
index dde84863..0372a7a9 100644
--- a/.github/workflows/post-dependabot.yml
+++ b/.github/workflows/post-dependabot.yml
@@ -4,13 +4,12 @@ name: Post Dependabot Actions
 
 on: pull_request
 
-# https://docs.github.com/en/rest/overview/permissions-required-for-github-apps
+# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
 permissions:
-  actions: write
   contents: write
 
 jobs:
-  Install:
+  template-oss-apply:
     runs-on: ubuntu-latest
     if: github.actor == 'dependabot[bot]'
     steps:
@@ -36,7 +35,7 @@ jobs:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         run: |
           gh pr checkout ${{ github.event.pull_request.number }}
-          npm install --ignore-scripts
+          npm install --ignore-scripts --no-audit --no-fund
           npm run template-oss-apply
           git add .
           git commit -am "chore: postinstall for dependabot template-oss PR"
diff --git a/package.json b/package.json
index 116ce179..c2194511 100644
--- a/package.json
+++ b/package.json
@@ -52,7 +52,7 @@
   "author": "GitHub Inc.",
   "templateOSS": {
     "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.",
-    "version": "3.2.2",
+    "version": "3.3.2",
     "engines": ">=10",
     "ciVersions": [
       "10.0.0",