chore: dependabot cooldown

[sjvans]

as suggested in #420

[hyperspace-insights]

Summary

The following content is AI-generated and provides a summary of the pull request:

---

Add Dependabot Cooldown and GitHub Actions Ecosystem Support

Chore

🔧 Updated the Dependabot configuration to add a cooldown period and extend version update tracking to GitHub Actions workflows.

Changes

• .github/dependabot.yml:
  • Changed the npm update schedule from daily to weekly
  • Added a cooldown block with default-days: 1 to the npm ecosystem configuration
  • Added a new github-actions package ecosystem entry with a weekly schedule and the same cooldown setting

---

• 🔄 Regenerate and Update Summary
• ✏️ Insert as PR Description (deletes this comment)
• 🗑️ Delete comment

PR Bot Information

Version: 1.20.47

• Event Trigger: pull_request.opened
• File Content Strategy: Full file content
• Summary Prompt: Default Prompt
• LLM: anthropic--claude-4.6-sonnet
• Output Template: Default Template
• Correlation ID: b4583ad3-1b88-4389-8564-6db0e56667d3

[hyperspace-insights]

The diff and file look clean. The cooldown block is placed at the correct indentation level (same level as schedule), default-days: 1 is a valid key, and the new github-actions ecosystem entry is well-formed. There are no structural, logic, or typo issues to flag.

The PR is straightforward and correct — it adds a cooldown to both the existing npm ecosystem entry and a new github-actions entry, while switching the npm schedule from daily to weekly. The YAML structure and indentation are consistent throughout.

PR Bot Information

Version: 1.20.47

• Event Trigger: pull_request.opened
• File Content Strategy: Full file content
• Correlation ID: b4583ad3-1b88-4389-8564-6db0e56667d3
• LLM: anthropic--claude-4.6-sonnet

[patricebender]

👍

I have chosen 3 days for cds-dbs, because that is the window of time a package can be un-published