chore(deps): Bump @sigstore/tuf from 2.2.0 to 2.3.2 #742

	on: pull_request_target

	permissions:
	pull-requests: write
	contents: write

	jobs:
	dependabot:
	runs-on: ubuntu-latest
	strategy:
	matrix:
	node: ["18.x"]
	name: Node ${{ matrix.node }}

	if: ${{ github.actor == 'dependabot[bot]' }}

	steps:
	- name: "Checkout"
	uses: actions/checkout@v4

	- name: Setup node
	uses: actions/setup-node@v2
	with:
	node-version: ${{ matrix.node }}

	- name: Quality check
	uses: ./.github/actions/qualityCheck

	- name: Dependabot metadata
	id: metadata
	uses: dependabot/fetch-metadata@v1.1.1
	with:
	github-token: "${{ secrets.GITHUB_TOKEN }}"

	- name: Enable auto-merge for Dependabot PRs
	# if: ${{steps.metadata.outputs.update-type == 'version-update:semver-patch'}}
	run: gh pr merge --auto --merge "$PR_URL"
	env:
	PR_URL: ${{github.event.pull_request.html_url}}
	GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}

Provide feedback