Specify write permissions for mutex lock explicitly (WATonomous#48)

* Specify write permissions for mutex lock explicitly

* Specify write permissions for dependabot commits

* Clarify comments

* Add pr permission

Author: ben-z

.github/workflows/deploy.yml

@@ -62,6 +62,12 @@ jobs:
     runs-on: ubuntu-latest
     if: github.event_name == 'pull_request'
     needs: [build]
+    # Specify write permissions explicitly to make dependabot PRs happy:
+    # https://github.com/dependabot/dependabot-core/issues/3253#issuecomment-940182533
+    # This is okay in this job because we don't execute any external code (e.g. npm export).
+    permissions:
+      contents: write
+      pull-requests: write
     steps:
       - uses: actions/checkout@v2