Bump openssl from 0.10.66 to 0.10.70 #142

	name: Dependabot auto-merge

	# pull_request_target must be used instead of pull_request for repository secrets (e.g. PAT) to be accessible
	# https://github.com/dependabot/dependabot-core/issues/3253#issuecomment-852541544
	on: pull_request_target

	jobs:
	dependabot:
	runs-on: ubuntu-latest
	if: github.actor == 'dependabot[bot]'
	steps:
	- name: Dependabot metadata
	id: metadata
	uses: dependabot/fetch-metadata@v1
	with:
	github-token: "${{ secrets.DEPENDABOT_TOKEN }}"
	- name: Enable auto-merge for Dependabot PRs
	if: \|
	steps.metadata.outputs.update-type == 'version-update:semver-minor' \|\|
	steps.metadata.outputs.update-type == 'version-update:semver-patch'
	run: gh pr merge --auto --merge "$PR_URL"
	env:
	PR_URL: ${{github.event.pull_request.html_url}}
	# a PAT must be used instead of a GITHUB_TOKEN for CI to be triggered after merge
	GH_TOKEN: ${{ secrets.DEPENDABOT_TOKEN }}

Provide feedback