build: upgrade to GitHub-native Dependabot (#2665)

* Upgrade to GitHub-native Dependabot

* ci: add dependabot-auto-merge action

* ci: update job name

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Matan Kushner <hello@matchai.dev>

.github/dependabot.yml

@@ -0,0 +1,23 @@
+version: 2
+updates:
+- package-ecosystem: cargo
+  directory: "/"
+  schedule:
+    interval: daily
+  open-pull-requests-limit: 10
+  labels:
+  - "\U0001F4E6 dependencies"
+- package-ecosystem: npm
+  directory: "/docs"
+  schedule:
+    interval: weekly
+  open-pull-requests-limit: 10
+  labels:
+  - "\U0001F4E6 dependencies"
+- package-ecosystem: github-actions
+  directory: "/"
+  schedule:
+    interval: daily
+  open-pull-requests-limit: 10
+  labels:
+  - "\U0001F4E6 dependencies"

.github/workflows/auto-merge.yml

@@ -0,0 +1,14 @@
+name: Dependabot
+
+on: [pull_request]
+
+jobs:
+  auto_merge:
+    name: Auto-merge Dependabot PRs
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - uses: ahmadnassri/action-dependabot-auto-merge@v2
+        with:
+          target: minor
+          github-token: ${{ secrets.DEPENDABOT_GITHUB_API_TOKEN }}

.github/workflows/security-audit.yml

@@ -1,4 +1,3 @@
----
 name: Security audit
 on:
   pull_request:

.github/workflows/workflow.yml

@@ -1,4 +1,3 @@
----
 name: Main workflow
 on:
   push: