Update dependabot rules so that it only targets prod dependencies

Author: mauriciopoppe

.github/dependabot.yml

@@ -0,0 +1,11 @@
+version: 2
+updates:
+  # Enable version updates for npm
+  - package-ecosystem: "npm"
+    # Look for `package.json` and `lock` files in the `root` directory
+    directory: "/"
+    # Check the npm registry for updates every day (weekdays)
+    schedule:
+      interval: "weekly"
+    allow:
+      - dependency-type: "production"