feat: configure Dependabot to group dependency updates

[abueide]

Summary

Add Dependabot configuration to group related dependency updates into single PRs instead of creating 25+ individual PRs for each dependency.

Problem

Currently we have 25 open Dependabot PRs, each for a single dependency update. This creates:

• PR noise and notification spam
• Tedious review process (merge 25 PRs individually)
• More CI runs and potential merge conflicts
• Difficult to see related updates together

Solution

Configure Dependabot with grouped updates:

groups:
  production-dependencies:      # Root workspace prod deps
  development-dependencies:     # Root workspace dev/test deps
  example-dependencies:         # Per example app
  e2e-dependencies:            # Per E2E app
  e2e-cli-dependencies:        # E2E CLI
  ruby-dependencies:           # Bundler/Ruby gems

Grouping strategy:

• Root workspace: separate prod vs dev dependencies
• Example apps: all dependencies grouped per app
• E2E apps: all dependencies grouped per app
• Ruby/Bundler: all gems grouped per app
• Weekly schedule instead of immediate updates

Benefits

• ✅ Reduces PR noise: 25 individual PRs → ~6-8 grouped PRs
• ✅ Easier to review: Related updates reviewed together
• ✅ Fewer merge conflicts: One PR to merge instead of 25
• ✅ Fewer CI runs: One test run per group instead of per-dependency
• ✅ Weekly batching: Updates arrive on a schedule, not constantly

Impact

Existing PRs: The 25 open Dependabot PRs will remain open. Once this config is merged:

• Dependabot will create new grouped PRs going forward
• You can close the old individual PRs (they'll be superseded by grouped PRs)
• Future updates will be grouped automatically

Next Dependabot run: Will create ~6-8 grouped PRs instead of individual ones.

References

• Dependabot grouped updates docs

🤖 Generated with Claude Code