Make dependabot assign reviewers in Delphi repos

[dshemetov]

These are for security updates. At some point, maybe we can implement full dependency tracking with dependabot.

P0

• delphi-epidata
• www-main
• covidcast-indicators
• www-covidcast

P1

• covidcast
• operations
• www-epivis
• www-covidcast-classic

P2

• www-nowcast
• www-fluscores
• www-epicast

[dshemetov]

Turns out the workflow I added doesn't have the required permissions.

The REST API allows this with the permissions "Administration" or "Members", but I don't see those in the jobs permissions. Will need to look at it deeper.

[krivard]

Possible workaround: use curl instead of gh

[dshemetov]

The workaround above doesn't work with default GitHub action token permissions. This post, by the maintainer of the pull request action, has a more in-depth summary.

Summary:

1. Specify the teams as team slugs without the leading org/
2. Use a PAT with repo scope.