Add dependabot for GH actions

[zhiqwang]

Hi @glenn-jocher , Seems that the Dependabot can update the Actions automatically.

🛠️ PR Summary

_{Made with ❤️ by Ultralytics Actions}

🌟 Summary

Enhanced dependency management for GitHub Actions in the YOLOv5 repository.

📊 Key Changes

• 🔃 Added a new update rule for the package-ecosystem of GitHub Actions.
• ⏰ The schedule for checking GitHub Actions dependencies is set to weekly.
• 🕓 Selected time for the update check is at 04:00.
• 🚦 The open-pull-requests-limit is set to 5.
• 🔖 Dependencies label will be applied to relevant pull requests.
• 👤 Glenn Jocher will be automatically added as a reviewer for these pull requests.

🎯 Purpose & Impact

• 💡 Ensures that GitHub Actions dependencies are kept up to date regularly, which is crucial for the CI/CD pipeline's security and reliability.
• 🛠️ Helps maintain an optimal number of dependency update PRs, avoiding an overwhelming number of updates at once.
• 🙌 Users can expect a more stable and secure repository environment with consistent updates to the CI/CD process.

[glenn-jocher]

@zhiqwang interesting! I read a bit about this at https://docs.github.com/en/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/keeping-your-actions-up-to-date-with-dependabot

Let's try it out.

[glenn-jocher]

@zhiqwang PR is merged. Thank you for your contributions to YOLOv5 🚀 and Vision AI ⭐

[glenn-jocher]

@zhiqwang it worked! See #5251, #5252, #5253. This is a great PR, I did not even realize that these GH actions were on older dependencies.