ci: Reuse workflow for automerge

Author: jpmckinney

.github/workflows/automerge.yml

@@ -1,25 +1,8 @@
-# The pull_request_target workflow trigger is dangerous. Do not add unrelated logic to this workflow.
-# https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
-# https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#pull_request_target
 name: Auto-merge
 on: pull_request_target
-permissions:
-  pull-requests: write  # to approve the PR
-  contents: write  # to merge the PR
 jobs:
-  dependabot:
-    if: ${{ github.actor == 'dependabot[bot]' }}
-    runs-on: ubuntu-latest
-    steps:
-      - id: dependabot-metadata
-        uses: dependabot/fetch-metadata@v2
-        with:
-          github-token: ${{ secrets.GITHUB_TOKEN }}
-      - if: ${{ steps.dependabot-metadata.outputs.update-type != 'version-update:semver-major' || steps.dependabot-metadata.outputs.package-ecosystem == 'github_actions' }}
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: gh pr review --approve ${{ github.event.pull_request.html_url }}
-      - if: ${{ steps.dependabot-metadata.outputs.update-type != 'version-update:semver-major' || steps.dependabot-metadata.outputs.package-ecosystem == 'github_actions' }}
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: gh pr merge --auto --squash ${{ github.event.pull_request.html_url }}
+  automerge:
+    uses: open-contracting/.github/.github/workflows/automerge.yml@main
+    permissions:
+      pull-requests: write
+      contents: write