Add new, disabled dependabot ignore directives

Add the Actions that are used in the CodeQL workflow as commented out
dependencies to ignore in the dependabot configuration. These will be
un-commented in downstream repositories so that only
cisagov/skeleton-python-library will have dependabot PRs created for
these dependencies.

.github/dependabot.yml

@@ -22,6 +22,9 @@ updates:
       # # Managed by cisagov/skeleton-python-library
       # - dependency-name: actions/download-artifact
       # - dependency-name: actions/upload-artifact
+      # - dependency-name: github/codeql-action/analyze
+      # - dependency-name: github/codeql-action/autobuild
+      # - dependency-name: github/codeql-action/init
 
   - package-ecosystem: "pip"
     directory: "/"