Update dependabot workflow

.github/workflows/auto-merge.yml

@@ -0,0 +1,33 @@
+name: Dependabot auto-merge
+
+on:
+  workflow_run:
+    workflows: ["Main"]
+    types:
+      - completed
+
+permissions:
+  contents: write
+  pull-requests: write
+
+jobs:
+  dependabot:
+    runs-on: ubuntu-latest
+    if: >
+      ${{ github.event.workflow_run.event == 'pull_request' &&
+      github.event.workflow_run.conclusion == 'success' && 
+      github.actor == 'dependabot[bot]' }}
+    steps:
+      - name: Dependabot metadata
+        id: metadata
+        uses: dependabot/fetch-metadata@v2
+        with:
+          github-token: "${{ secrets.GITHUB_TOKEN }}"
+      - name: Auto-merge
+        if: >
+          ${{ steps.metadata.outputs.update-type == 'version-update:semver-minor' &&
+          steps.metadata.outputs.update-type == 'version-update:semver-patch' }}
+        run: gh pr merge --auto --merge "$PR_URL"
+        env:
+          PR_URL: ${{github.event.pull_request.html_url}}
+          GH_TOKEN: ${{secrets.GITHUB_TOKEN}}

.github/workflows/main.yml

@@ -21,21 +21,3 @@ jobs:
       - run: npm ci
       - run: npm run lint
       - run: npm run typecheck
-
-  auto-merge:
-    if: github.event_name == 'pull_request' && github.actor == 'dependabot[bot]'
-    runs-on: ubuntu-latest
-    needs: build-and-test
-    env:
-      token: ${{ secrets.DEPENDABOT_TOKEN }}
-    steps:
-      - uses: actions/checkout@v3
-      - name: Check if secrets.DEPENDABOT_TOKEN is set
-        if: ${{ env.token == '' }}
-        run: exit 1
-      - uses: ahmadnassri/action-dependabot-auto-merge@v2
-        with:
-          target: minor
-          command: squash and merge
-          # https://github.com/ahmadnassri/action-dependabot-auto-merge#token-scope
-          github-token: ${{ env.token }}