Migrate to poetry, replace current development workflow and get better integration with dependabot

[ctheune]

During our internal ISMS review we noticed that the vulnerability management isn't up to date. I'd like to make better use of dependabot, which would benefit from the development setup being switched to poetry instead of our home-grown solution.

This will likely need multiple things to be touched:

• switch to pyproject.toml and initialize a poetry project
• review the version.txt usage
• document the new development workflow
• adapt the github actions
• validate that using released versions still works properly

[elikoga]

So this is just about updating this repostiories development setup as well as the release process. This is not about replacing appenv, right?