From f466ad3f989de5a67083fc22baa21619d0e4ba9a Mon Sep 17 00:00:00 2001
From: Ivan Gabaldon <igabaldon@inetol.net>
Date: Thu, 8 May 2025 23:15:25 +0200
Subject: [PATCH] [fix] missing PR perm data-update.yml workflow

We actually don't need to keep the token on checkout because `peter-evans/create-pull-request` will read from `github.token`. The obvious `pull-requests` write permission wasn't set in the last fix, so I added it now.
---
 .github/workflows/data-update.yml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/.github/workflows/data-update.yml b/.github/workflows/data-update.yml
index d5810a967..1c7ff1c2d 100644
--- a/.github/workflows/data-update.yml
+++ b/.github/workflows/data-update.yml
@@ -36,6 +36,7 @@ jobs:
 
     permissions:
       contents: write
+      pull-requests: write
 
     steps:
       - name: Setup Python
@@ -45,6 +46,8 @@ jobs:
 
       - name: Checkout
         uses: actions/checkout@v4
+        with:
+          persist-credentials: "false"
 
       - name: Setup cache Python
         uses: actions/cache@v4