Enable vulnerability alerts and automated remediation PRs for Typescript & Scala repositories

[kenoir]

In order to improve the security of our services we should have visibility of Dependabot alerts, CodeQL issues, secrets in code and an automated mechanism to raise PRs to remediate vulnerabilities.

See: https://github.com/wellcomecollection/docs/pull/101

This will involve:

• Demonstrating providing Dependabot with a graph of dependencies for our scala repositories
• Demonstrating a usable mechanism to raise PRs against both Scala & Typescript repositories
• Providing a mechanism to incentivise merging automated PRs, consisting of:
  • ChatOps notification of open PRs in need of review & merge
  • Preventing proliferation of unmerged PRs by automated closing when stale

[kenoir]

See https://github.com/wellcomecollection/scala-steward for part of our scala vulnerability remediation solution.