ci: add Dependabot for Cargo, npm, and GitHub Actions updates

Weekly PRs for Cargo and npm dependency updates, monthly for
Actions versions. Prevents stale lockfiles like the mozjpeg-sys
2.0.2 -> 2.2.3 issue that broke Windows ARM builds.

Author: lilith

.github/dependabot.yml

@@ -0,0 +1,28 @@
+version: 2
+updates:
+  - package-ecosystem: cargo
+    directory: /native
+    schedule:
+      interval: weekly
+    commit-message:
+      prefix: "deps"
+    labels:
+      - dependencies
+
+  - package-ecosystem: npm
+    directory: /
+    schedule:
+      interval: weekly
+    commit-message:
+      prefix: "deps"
+    labels:
+      - dependencies
+
+  - package-ecosystem: github-actions
+    directory: /
+    schedule:
+      interval: monthly
+    commit-message:
+      prefix: "ci"
+    labels:
+      - ci