From 01a506131678102f2d453568042225f1971fd950 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 7 Apr 2022 13:36:26 +0000
Subject: [PATCH 1/2] chore: bump @npmcli/template-oss from 3.2.0 to 3.3.2

Bumps [@npmcli/template-oss](https://github.com/npm/template-oss) from 3.2.0 to 3.3.2.
- [Release notes](https://github.com/npm/template-oss/releases)
- [Changelog](https://github.com/npm/template-oss/blob/main/CHANGELOG.md)
- [Commits](https://github.com/npm/template-oss/compare/v3.2.0...v3.3.2)

---
updated-dependencies:
- dependency-name: "@npmcli/template-oss"
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 package.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/package.json b/package.json
index b62cf176..5891481f 100644
--- a/package.json
+++ b/package.json
@@ -44,7 +44,7 @@
   },
   "devDependencies": {
     "@npmcli/eslint-config": "^3.0.1",
-    "@npmcli/template-oss": "3.2.0",
+    "@npmcli/template-oss": "3.3.2",
     "cacache": "^16.0.2",
     "nock": "^13.2.4",
     "require-inject": "^1.4.4",

From 00a64e9130b20914e3a42c9ac732537b19f2b539 Mon Sep 17 00:00:00 2001
From: Gar <gar+gh@danger.computer>
Date: Wed, 13 Apr 2022 09:25:25 -0700
Subject: [PATCH 2/2] chore: postinstall for dependabot template-oss PR

---
 .eslintrc.js                          | 1 +
 .github/workflows/audit.yml           | 2 +-
 .github/workflows/ci.yml              | 4 ++--
 .github/workflows/post-dependabot.yml | 8 ++++----
 package.json                          | 2 +-
 5 files changed, 9 insertions(+), 8 deletions(-)

diff --git a/.eslintrc.js b/.eslintrc.js
index 8204f234..0e8ad007 100644
--- a/.eslintrc.js
+++ b/.eslintrc.js
@@ -7,6 +7,7 @@ const localConfigs = readdir(__dirname)
   .map((file) => `./${file}`)
 
 module.exports = {
+  root: true,
   extends: [
     '@npmcli',
     ...localConfigs,
diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml
index 549243ae..03dcd937 100644
--- a/.github/workflows/audit.yml
+++ b/.github/workflows/audit.yml
@@ -23,5 +23,5 @@ jobs:
       - name: Update npm to latest
         run: npm i --prefer-online --no-fund --no-audit -g npm@latest
       - run: npm -v
-      - run: npm i --ignore-scripts --package-lock
+      - run: npm i --ignore-scripts --no-audit --no-fund --package-lock
       - run: npm audit
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 8067c86d..c04f4181 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -30,7 +30,7 @@ jobs:
       - name: Update npm to latest
         run: npm i --prefer-online --no-fund --no-audit -g npm@latest
       - run: npm -v
-      - run: npm i --ignore-scripts
+      - run: npm i --ignore-scripts --no-audit --no-fund
       - run: npm run lint
 
   test:
@@ -82,5 +82,5 @@ jobs:
         if: ${{ !startsWith(matrix.node-version, '10.') }}
         run: npm i --prefer-online --no-fund --no-audit -g npm@latest
       - run: npm -v
-      - run: npm i --ignore-scripts
+      - run: npm i --ignore-scripts --no-audit --no-fund
       - run: npm test --ignore-scripts
diff --git a/.github/workflows/post-dependabot.yml b/.github/workflows/post-dependabot.yml
index bae1d8d2..0372a7a9 100644
--- a/.github/workflows/post-dependabot.yml
+++ b/.github/workflows/post-dependabot.yml
@@ -4,13 +4,12 @@ name: Post Dependabot Actions
 
 on: pull_request
 
-# https://docs.github.com/en/rest/overview/permissions-required-for-github-apps
+# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
 permissions:
-  actions: write
   contents: write
 
 jobs:
-  Install:
+  template-oss-apply:
     runs-on: ubuntu-latest
     if: github.actor == 'dependabot[bot]'
     steps:
@@ -36,8 +35,9 @@ jobs:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         run: |
           gh pr checkout ${{ github.event.pull_request.number }}
-          npm install --ignore-scripts
+          npm install --ignore-scripts --no-audit --no-fund
           npm run template-oss-apply
           git add .
           git commit -am "chore: postinstall for dependabot template-oss PR"
           git push
+          npm run lint
diff --git a/package.json b/package.json
index 5891481f..e38c28a0 100644
--- a/package.json
+++ b/package.json
@@ -60,6 +60,6 @@
   },
   "templateOSS": {
     "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.",
-    "version": "3.2.0"
+    "version": "3.3.2"
   }
 }