From f111aa4c7273dd704b6d96b2c17ed0b8fd08defd Mon Sep 17 00:00:00 2001
From: "M.Schmidt"
Date: Tue, 23 Sep 2025 16:55:43 +0200
Subject: [PATCH 1/2] seperate dependabot into a another file
---
 .github/workflows/dependabot.yml | 21 +++++++++++++++++++
 .github/workflows/zombie-mode.yml | 35 ++++++++++---------------------
 2 files changed, 32 insertions(+), 24 deletions(-)
 create mode 100644 .github/workflows/dependabot.yml
diff --git a/.github/workflows/dependabot.yml b/.github/workflows/dependabot.yml
new file mode 100644
index 0000000..616e448
--- /dev/null
+++ b/.github/workflows/dependabot.yml
@@ -0,0 +1,21 @@
+name: Handle Dependabot PRs
+
+on:
+ pull_request:
+ types: [opened, reopened, synchronize]
+
+jobs:
+ ApproveAndMerge:
+ name: Auto approve Dependabot PRs
+ runs-on: ubuntu-latest
+ # Only run for PRs created by Dependabot - extended verification is done in the reusable workflow
+ if: github.actor == 'dependabot[bot]'
+ # These permissions are needed to approve pull requests
+ permissions:
+ contents: read
+ pull-requests: write
+ steps:
+ - name: Auto approve Dependabot PR
+ uses: secure-software-engineering/actions/dependabot@develop
+ with:
+ token: ${{ secrets.AUTO_MERGE_PAT }}
\ No newline at end of file
diff --git a/.github/workflows/zombie-mode.yml b/.github/workflows/zombie-mode.yml
index 47f4783..d1f073d 100644
--- a/.github/workflows/zombie-mode.yml
+++ b/.github/workflows/zombie-mode.yml
@@ -1,23 +1,9 @@ name: Zombie Mode on: - pull_request: - types: [opened] - branches: [develop] schedule: - - cron: '0 6 * * MON' - workflow_dispatch: + - cron: '0 6 * * 1-5' jobs: - auto-approve-dependabot: - if: github.actor == 'dependabot[bot]' - runs-on: ubuntu-latest - permissions: - pull-requests: write - steps: - - uses: secure-software-engineering/actions/dependabot@develop - with: - token: ${{ secrets.GITHUB_TOKEN }} - zombie-release: runs-on: ubuntu-latest permissions:
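Review bot: In `.github/workflows/dependabot.yml` the step hands `secrets.AUTO_MERGE_PAT` to `secure-software-engineering/actions/dependabot@develop`, a moving branch ref, so any later commit on that branch runs with the PAT; pin it to a full commit SHA, e.g. `uses: secure-software-engineering/actions/dependabot@<full-commit-sha>  # develop`, and do the same for the `prepare-pr` and `merge-pr` steps in the later `zombie-mode.yml` hunks that switch to the same PAT. The `permissions:` block scopes only `GITHUB_TOKEN`, so the comment above it should read something like `# Applies to GITHUB_TOKEN only; AUTO_MERGE_PAT is not restricted by this block` and the PAT should be fine-grained to this repository. The gate `github.actor == 'dependabot[bot]'` reflects who triggered the run rather than who opened the PR; `if: github.event.pull_request.user.login == 'dependabot[bot]'` is the more robust condition, and the extended verification the comment mentions is not visible in this patch. For `pull_request` runs triggered by Dependabot GitHub exposes only Dependabot secrets, so `AUTO_MERGE_PAT` has to be stored there or the token input will be empty.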
@@ -26,10 +12,11 @@ jobs: steps: - uses: secure-software-engineering/actions/zombie-mode/prepare-pr@develop with: - github-token: ${{ secrets.GITHUB_TOKEN }} - base-branch: 'develop' - auto-merge-days: '3' - version-file: 'pom.xml' + github-token: ${{secrets.AUTO_MERGE_PAT}} + base-branch: develop + merge-timeout-days: 3 + version-file: pom.xml + auto-merge-aged: runs-on: ubuntu-latest
@@ -39,8 +26,8 @@ jobs: steps: - uses: secure-software-engineering/actions/zombie-mode/merge-pr@develop with: - github-token: ${{ secrets.GITHUB_TOKEN }} - age-days: '3' - merge-method: 'squash' - delete-branch: 'true' - zombie-label: 'zombie-mode' + github-token: ${{secrets.AUTO_MERGE_PAT}} + merge-timeout-days: 3 + merge-method: squash + delete-branch: true + label: zombie-mode
\ No newline at end of file
From e9cf43ad97c88c8dfba5e3b372835c0ff006ce2d Mon Sep 17 00:00:00 2001
From: "M.Schmidt"
Date: Wed, 24 Sep 2025 11:07:07 +0200
Subject: [PATCH 2/2] downgrade junit to test dependabot + ci handling
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pom.xml b/pom.xml
index e9e9c25..457d0c7 100644
--- a/pom.xml
+++ b/pom.xml
@@ -135,7 +135,7 @@ junit junit - 4.13.2 + 4.13.1 test
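Review bot: In `.github/workflows/zombie-mode.yml` the `with:` keys of the `prepare-pr` and `merge-pr` steps are renamed (`auto-merge-days` and `age-days` become `merge-timeout-days`, `zombie-label` becomes `label`), but nothing in this patch shows that the actions accept the new names. GitHub only warns about unexpected inputs and falls back to the action's defaults, which for an unattended merge job could silently change the waiting period or the label filter, so the names should be checked against each action's `action.yml`. Both steps also now receive `${{secrets.AUTO_MERGE_PAT}}`, which the job-level `permissions:` (partly outside these hunks) does not constrain; a comment above each `with:` such as `# PAT is not limited by permissions: above; keep it fine-grained to this repo` would record that. The spacing `${{secrets.AUTO_MERGE_PAT}}` differs from `${{ secrets.AUTO_MERGE_PAT }}` in `dependabot.yml`; one form should be used throughout.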