Dependabot auto merge addition in github workflows (#1459)

Dependabot auto-merge feature. Auto-merge triggers for dependabot depencency pull requests that are patches and have a cvss level greater than zero.

.github/dependabot.yml

@@ -29,4 +29,3 @@ updates:
     target-branch: "v1.x"
     schedule:
       interval: "weekly"
-

.github/workflows/maven.yml

@@ -7,20 +7,25 @@
 # documentation.
 
 name: Java CI with Maven
-
 on:
   push:
     branches:
       - "master"
+      - "v2.x"
+      - "v1.x"
   pull_request:
     branches:
       - "master"
+      - "v2.x"
+      - "v1.x"
+
+permissions:
+  contents: write
+  pull-requests: write
 
 jobs:
   build:
-
     runs-on: ubuntu-latest
-
     steps:
       - uses: actions/checkout@v4
       - name: Set up JDK 8
@@ -30,11 +35,8 @@ jobs:
           distribution: 'corretto'
       - name: Build with Maven
         run: mvn -B package --file pom.xml -DskipITs
-
   backwards-compatible-check:
-
     runs-on: ubuntu-latest
-
     steps:
       - uses: actions/checkout@v4
       - name: Set up JDK 8
@@ -44,3 +46,20 @@ jobs:
           distribution: 'corretto'
       - name: Check backwards compatibility of changes
         run: .github/scripts/backwards_compatibility_check.sh
+  auto-merge:
+    needs: [build]
+    runs-on: ubuntu-latest
+    if: github.event.pull_request.user.login == 'dependabot[bot]'
+    steps:
+      - name: Dependabot metadata
+        id: metadata
+        uses: dependabot/fetch-metadata@v2
+        with:
+          alert-lookup: true
+          github-token: "${{ secrets.GITHUB_TOKEN }}"
+      - name: Enable auto-merge for Dependabot PRs
+        if: steps.metadata.outputs.update-type == 'version-update:semver-patch' && steps.metadata.outputs.cvss > 0
+        run: gh pr merge --auto --merge "$PR_URL"
+        env:
+          PR_URL: ${{github.event.pull_request.html_url}}
+          GH_TOKEN: ${{secrets.GITHUB_TOKEN}}