This repository has been archived by the owner on Nov 23, 2023. It is now read-only.

Review how frequent Dependabot updates packages #2291

Open
Jimlinz opened this issue Nov 10, 2022 · 1 comment
Labels
enabler story Enable to team to improve

Comments

Contributor

Jimlinz commented Nov 10, 2022

Enabler

So that we optimise GitHub Action workflow minutes and costs, we want to review how often Dependabot bumps packages for an update.
Dependabot currently scans for new package updates daily. Some of the packages in Geostore are updated frequently. This isn't necessarily a bad thing, but it does incur an overhead cost where each Dependabot Pull Request triggers a 40-minute workflow run (only to be superseded by another update the following day).

Perhaps a weekly update would be a good balance? This way we would skip a handful of minor package updates during the week (especially for packages that do a release daily). We should discuss as a team to establish what is best for Geostore.

Other considerations:
  1. We should work out if there is a way to override this for security updates, so we don't end up waiting a week before a security update is applied.
  2. Reduce update frequency for now, but have another review / discussion when Geostore becomes public?
@Jimlinz Jimlinz added the enabler story Enable to team to improve label Nov 10, 2022
@billgeo billgeo moved this to 📋 Backlog in Data Infrastructure Squad Nov 20, 2022
Contributor

billgeo commented Nov 20, 2022

Sounds like a good idea to me.
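
A sketch of the weekly schedule proposed in this issue, added here as an illustration and not taken from the Geostore repository. The ecosystems, directories, day and pull request limit are assumptions. On the first consideration above: `schedule.interval` governs version updates only, while Dependabot security updates are opened when a Dependabot alert is raised, provided the feature is enabled in the repository's security settings.

```yaml
# .github/dependabot.yml (illustrative; not Geostore's actual configuration)
version: 2
updates:
  # Ecosystem and directory are assumptions; the issue does not list them.
  - package-ecosystem: "pip"
    directory: "/"
    schedule:
      # Applies to version updates only: check weekly instead of daily,
      # so packages that release daily produce one PR per week.
      interval: "weekly"
      day: "monday"
    # Caps concurrent version-update PRs (and the workflow runs they trigger).
    # Security-update PRs are not counted against this limit.
    open-pull-requests-limit: 5

  # Assumed second ecosystem: the actions used by the workflows themselves.
  - package-ecosystem: "github-actions"
    directory: "/"
    schedule:
      interval: "weekly"
      day: "monday"
    open-pull-requests-limit: 5

# Security updates are not scheduled in this file. They are raised per
# Dependabot alert once "Dependabot security updates" is enabled in the
# repository settings, so a weekly interval does not delay them.
```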
