Automated dependency management

[braxex]

Summary

We need automated vulnerability monitoring and dependency management for our security tooling. This will compliment Code Climate and CodeQL in helping us keep our code high quality and secure.

This PR follows up on the in-repo configuration of Dependabot to monitor vulnerabilities and help us manage dependencies by adding a workflow to auto-merge Dependabot patches.

Addresses #69

Type of change

• [x] New feature (non-breaking change which adds functionality)
• [x] This is a documentation update

How To Test

n/a (Wait for the next Dependabot scan and PR creation process)

Checklist:

• [x] My code follows the style guidelines of this project and has no linting errors
• [x] I have performed a self-review of my code
• [x] I have commented my code, particularly in hard-to-understand areas
• [x] I have made corresponding changes to the documentation, including any applicable ADRs
• [x] My changes generate no new warnings
• ~[ ] I have added tests that fail without these changes~
• [x] New and existing tests (unit, integration, accessibility) pass locally
• [x] Documentation updated
• ~[ ] If there are security concerns they are addressed or ticketed after being discussed~

[codeclimate[bot]]

Code Climate has analyzed commit 30663b3d and detected 0 issues on this pull request.

The test coverage on the diff in this pull request is 100.0% (90% is the threshold).

This pull request will bring the total coverage in the repository to 100.0% (0.0% change).

View more on Code Climate.