diff --git a/.github/workflows/fix-dependabot-alerts.yml b/.github/workflows/fix-dependabot-alerts.yml
index 9decf913..ade460f4 100644
--- a/.github/workflows/fix-dependabot-alerts.yml
+++ b/.github/workflows/fix-dependabot-alerts.yml
@@ -162,7 +162,17 @@ jobs:
 - name: Create pull request
 if: ${{ steps.fix.outputs.changes == 'true' && steps.build.outputs.build_ok == 'true' }}
 env:
+ # GH_TOKEN is the App token — used by the ``gh`` CLI for
+ # ``gh pr create`` / labelling / closing superseded PRs so the
+ # PR appears under the bot's identity.
 GH_TOKEN: ${{ steps.app-token-pr.outputs.token }}
+ # GIT_PUSH_TOKEN is the workflow's default GITHUB_TOKEN, scoped
+ # via the workflow-level ``permissions: contents: write`` block.
+ # We use it only at the very end, after all untrusted ``npm``
+ # scripts have finished running, to avoid persisting any push
+ # credential in .git/config (where dependency build scripts
+ # could read it).
+ GIT_PUSH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 run: |
 BRANCH="automated/fix-dependabot-alerts-$(date +%Y%m%d)-${{ github.run_number }}"
 git config user.name "github-actions[bot]"
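Review bot: The new comment on `GIT_PUSH_TOKEN` claims the env entry avoids "persisting any push credential in .git/config", but a step-level `env:` cannot guarantee that — the `git remote set-url origin "https://x-access-token:${GIT_PUSH_TOKEN}@…"` in the next hunk writes the token into `.git/config` for every later step of the job, so what this placement actually buys is only that the credential is introduced after the npm phase. Either reword to `# Referenced only from this step, which runs after the npm install/build/test steps; note the set-url below still writes it into .git/config for the rest of the job.` or change the push to a throwaway URL (raised on the next hunk). The workflow-level `permissions: contents: write` block the comment refers to is outside this diff, so the token's actual scope cannot be confirmed here. The `run:` block that begins at the end of this hunk continues past it.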
@@ -188,10 +198,12 @@ jobs: Unfixable: ${{ steps.fix.outputs.unfixable_count }} package(s) Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>" - # Push using the App token explicitly — we disabled - # ``persist-credentials`` on checkout, so .git/config has no - # creds to fall back on. - git remote set-url origin "https://x-access-token:${GH_TOKEN}@github.com/${{ github.repository }}.git" + # Push using the workflow's default GITHUB_TOKEN (scoped to + # contents:write at the workflow level). Configured here, not + # via actions/checkout's ``persist-credentials``, so the token + # isn't reachable from the npm install / build / test phase + # earlier in the job. + git remote set-url origin "https://x-access-token:${GIT_PUSH_TOKEN}@github.com/${{ github.repository }}.git" git push origin "$BRANCH" APPLIED="${{ steps.fix.outputs.applied_packages }}" diff --git a/typescript/package-lock.json b/typescript/package-lock.json index 9504d04f..85dd9ba4 100644 --- a/typescript/package-lock.json +++ b/typescript/package-lock.json @@ -1961,9 +1961,9 @@ } }, "node_modules/minimatch": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.3.tgz", - "integrity": "sha512-M2GCs7Vk83NxkUyQV1bkABc4yxgz9kILhHImZiBPAZ9ybuvCb0/H7lEl5XvIg3g+9d4eNotkZA5IWwYl0tibaA==", + "version": "3.1.5", + "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.5.tgz", + "integrity": "sha512-VgjWUsnnT6n+NUk6eZq77zeFdpW2LWDzP6zFGrCbHXiYNul5Dzqk2HHQ5uFH2DNW5Xbp8+jVzaeNt94ssEEl4w==", "devOptional": true, "license": "ISC", "dependencies": {
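Review bot: `git remote set-url origin "https://x-access-token:${GIT_PUSH_TOKEN}@github.com/${{ github.repository }}.git"` still stores the token in `.git/config` for the remainder of the job, which contradicts the accompanying comment about it not being reachable; pushing through a one-shot URL keeps it out of the checkout entirely: `git push "https://x-access-token:${GIT_PUSH_TOKEN}@github.com/${{ github.repository }}.git" "$BRANCH"`, dropping the `set-url` line. Separately, a branch pushed with the default `GITHUB_TOKEN` does not trigger `push`-event workflow runs, so any check that previously fired because the App token did the push will stop running; the `pull_request` event raised by the later `gh pr create` under the App token should still fire, but that is inferred from the token split here and is worth confirming. The `run:` block enclosing this hunk starts and ends outside it.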