[dependabot] Decrease frequency to quarterly or semiannually

[imnasnainaec]

From:

• bimonthly (everything)

To:

• quarterly (gha, nuget, npm minor/patch)
• semiannually (docker, pip, npm major)

---

This change is 

Summary by CodeRabbit

• Chores
  • Updated dependency management configuration to adjust automated update schedules and policies across multiple package ecosystems.

---

Note: This release contains no user-facing changes. Updates are limited to internal development infrastructure.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

📝 Walkthrough

Walkthrough

Updated Dependabot configuration with modified cron schedules across package ecosystems (GitHub Actions, NuGet, Docker, Pip) and restructured npm dependency management to control major version updates through separate configuration blocks with selective package exceptions.

Changes

Cohort / File(s)	Summary
Dependabot Configuration \.github/dependabot\.yml	Updated cron schedules for GitHub Actions, NuGet, Docker, and Pip ecosystems. Added new npm major-updates block with semiannual cadence and blanket dependency ignore, with explicit exceptions for MUI, React, and related type packages. Modified existing frontend npm block to blanket-ignore all dependencies and adjusted per-package update-type settings. (+18/-14 lines)

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Poem

🐰 Schedules hop in quarterly time,
npm packages now in their prime,
MUI and React get their say,
while others must wait for the day!
Dependabot dances, controlled and neat ✨

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately reflects the main change: reducing Dependabot update frequencies from bimonthly to quarterly or semiannual across multiple ecosystems.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

• 📝 Generate docstrings

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[Copilot]

Pull request overview

This pull request reduces the frequency of Dependabot updates from bimonthly to either quarterly or semiannually depending on the package ecosystem and update type. The change aims to reduce maintenance overhead from dependency updates.

Key changes:

• Updated cron schedules from 1-11/2 (bimonthly) to 1-10/3 (quarterly) or 1-7/6 (semiannually)
• Split npm ecosystem into two sections: one for minor/patch updates (quarterly) and one for major updates (semiannually)
• Consolidated npm major update ignore rules by using a wildcard pattern to ignore minor/patch updates

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 74.57%. Comparing base (609a9fc) to head (ec403cc).
⚠️ Report is 1 commits behind head on master.

Additional details and impacted files

@@           Coverage Diff           @@
##           master    #4081   +/-   ##
=======================================
  Coverage   74.57%   74.57%           
=======================================
  Files         295      295           
  Lines       10938    10938           
  Branches     1372     1372           
=======================================
  Hits         8157     8157           
  Misses       2385     2385           
  Partials      396      396           

Flag	Coverage Δ
backend	85.59% <ø> (ø)
frontend	66.02% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[jasonleenaylor]

@jasonleenaylor reviewed 1 file and all commit messages, and made 1 comment.
Reviewable status: complete! all files reviewed, all discussions resolved (waiting on @imnasnainaec).