dependabot: Ignore patch updates

This commit ignores Python and GitHub Action patch updates. Major and
minor versions will still trigger an update. Security updates are not
changed. Package updates for every patch (major.minor.patch) is noisy.
Focusing on major and minor will provide sufficient updates for packages
used in this project. [1]

[1] https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#specifying-dependencies-and-versions-to-ignore

Author: edwarddavidbaker

.github/dependabot.yml

@@ -8,10 +8,20 @@ updates:
     schedule:
       interval: "weekly"
     open-pull-requests-limit: 1
+    ignore:
+      # Ignore patch updates (major.minor.patch) for all packages. This
+      # does not prevent security updates.
+      - dependency-name: "*"
+        update-types: ["version-update:semver-patch"]
 
   # Enable version updates from GitHub Actions.
   - package-ecosystem: "github-actions"
     directory: "/"
     schedule:
       interval: "weekly"
     open-pull-requests-limit: 1
+    ignore:
+      # Ignore patch updates (major.minor.patch) for all packages. This
+      # does not prevent security updates.
+      - dependency-name: "*"
+        update-types: ["version-update:semver-patch"]