From 9bd15075064b08dcae11a28210f7e5505f43fe42 Mon Sep 17 00:00:00 2001
From: David Robertson <davidr@element.io>
Date: Mon, 3 Oct 2022 15:46:26 +0100
Subject: [PATCH 1/2] yet another attempt to make dependabot changelogs work

---
 .github/workflows/dependabot_changelog.yml | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/.github/workflows/dependabot_changelog.yml b/.github/workflows/dependabot_changelog.yml
index 03490114786b..dcad8d4a249e 100644
--- a/.github/workflows/dependabot_changelog.yml
+++ b/.github/workflows/dependabot_changelog.yml
@@ -9,6 +9,9 @@ permissions:
   #     https://docs.github.com/en/code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions#enable-auto-merge-on-a-pull-request
   # for a similar example
   contents: write
+  # The pull_requests "synchronize" event doesn't seem to fire with just `contents: write`, so
+  # CI doesn't run with the new changelog. Maybe `pull_requests: write` will fix this?
+  pull_requests: write
 
 jobs:
   add-changelog:
@@ -27,3 +30,5 @@ jobs:
           git commit -m "Changelog"
           git push
         shell: bash
+  # THIS WORKFLOW HAS VARIOUS WRITE PERMISSIONS---do not add other jobs here unless they
+  # are sufficiently locked down to dependabot only as above.

From 40aff98cfde8e89c576fe421d2fd9ec11c3d5aa6 Mon Sep 17 00:00:00 2001
From: David Robertson <davidr@element.io>
Date: Mon, 3 Oct 2022 15:50:58 +0100
Subject: [PATCH 2/2] Changelog

---
 changelog.d/14021.misc | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 changelog.d/14021.misc

diff --git a/changelog.d/14021.misc b/changelog.d/14021.misc
new file mode 100644
index 000000000000..7d793b56e0ee
--- /dev/null
+++ b/changelog.d/14021.misc
@@ -0,0 +1 @@
+Prototype a workflow to automatically add changelogs to dependabot PRs.