enable dependabot for GitHub actions

[ranocha]

This allows to get updates for GitHub actions automatically. I have used this for my own packages, the Trixi.jl framework, and the SciML organization. After merging this, you could also enable other Dependabot actions in 'Settings -> Code security and analysis -> Dependabot alerts' and '... -> Dependabot security updates'.

See SciML/MuladdMacro.jl#37

[codecov]

Codecov Report

Patch coverage has no change and project coverage change: +11.20 🎉

Comparison is base (d0291ec) 64.24% compared to head (0f7f44a) 75.44%.

Additional details and impacted files

@@             Coverage Diff             @@
##             main       #4       +/-   ##
===========================================
+ Coverage   64.24%   75.44%   +11.20%     
===========================================
  Files           2        2               
  Lines         165      167        +2     
===========================================
+ Hits          106      126       +20     
+ Misses         59       41       -18     

see 2 files with indirect coverage changes

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

☔ View full report in Codecov by Sentry.
📢 Do you have feedback about the report comment? Let us know in this issue.

[Agent-Hellboy]

Thanks for the PR, I am merging this.