Add dependabot config for automatic action update PRs

[dbast]

Description

GitHub workflows are typically composed out of several actions, that reference a specific action version via their tag. So versions start to age and dependabot can help to keep them up-to-date via proposing update PRs.

This opens PRs similar to https://github.com/dbast/seedsigner/pull/4

dependabot can be instructed by PR comments like @dependabot rebase or @dependabot ignore this major version to influence its behaviour, see the referenced PR link.

This pull request is categorized as a:

• [ ] New feature
• [ ] Bug fix
• [ ] Code refactor
• [ ] Documentation
• [x] Other

Checklist

• [ ] I’ve run pytest and made sure all unit tests pass before sumbitting the PR

If you modified or added functionality/workflow, did you add new unit tests?

• [ ] No, I’m a fool
• [ ] Yes
• [ ] N/A

I have tested this PR on the following platforms/os:

• [ ] Raspberry Pi OS Manual Build
• [ ] SeedSigner OS on a Pi0/Pi0W board
• [ ] Other

Note: Keep your changes limited in scope; if you uncover other issues or improvements along the way, ideally submit those as a separate PR. The more complicated the PR the harder to review, test, and merge.

[kdmukai]

Beyond my expertise, but concept ACK.

Thank you @dbast for continuing to help further professionalize / streamline the project!