[skip changelog] Configure Dependabot to check for outdated actions used in workflows

[per1234]

Please check if the PR fulfills these requirements

• The PR has no duplicates (please search among the Pull Requests
  before creating one)
• The PR follows
  our contributing guidelines
• Tests for the changes have been added (for bug fixes / features)
• Docs have been added / updated (for bug fixes / features)
• UPGRADING.md has been updated with a migration guide (for breaking changes)

• What kind of change does this PR introduce?

Infrastructure enhancement

• What is the current behavior?

Management of the actions dependencies of the repository's GitHub Actions workflows is done manually. Outdated action versions will only be discovered if a review is done by a maintainer, which is not likely to happen often. The workflows do follow the practice of using the major version ref of the action whenever one is provided, which means that the latest version of the action is used up until such time as there is a major version bump. But after that the workflow will be using an outdated action.

• What is the new behavior?

Dependabot will periodically check the versions of all actions used in the repository's workflows. If any are found to
be outdated, it will submit a pull request to update them.

NOTE: Dependabot's PRs will occasionally propose to pin to the patch version of the action (e.g., updating
uses: foo/bar@v1 to uses: foo/[email protected]). When the action author has provided a major version ref, use that instead
(e.g., uses: foo/bar@v2). Dependabot will automatically close its PR once the workflow has been updated.

More information:
https://docs.github.com/en/github/administering-a-repository/keeping-your-actions-up-to-date-with-dependabot

• Does this PR introduce a breaking change, and is
  titled accordingly?

No breakie

• Other information:

---

See how to contribute