Dependabot configuration to update actions in workflow

[ScottBrenner]

Overview

Noticed the actions used in https://github.com/fossas/fossa-action/blob/main/.github/workflows/test.yml are outdated, proposing a Dependabot configuration to update - reference https://docs.github.com/en/actions/security-guides/using-githubs-security-features-to-secure-your-use-of-github-actions#keeping-the-actions-in-your-workflows-secure-and-up-to-date

Resolves warning on executions ex. https://github.com/fossas/fossa-action/actions/runs/10564938774

The following actions use a deprecated Node.js version and will be forced to run on node20: actions/checkout@v3 ...

Suggest enabling https://docs.github.com/en/code-security/dependabot/working-with-dependabot/about-dependabot-on-github-actions-runners#enabling-or-disabling-for-your-repository as well

Checklist

[ ] If I changed code, I ran yarn build and committed resulting changes.
[ ] I added an example exercising this PRs functionality to .github/workflows/test.yml or explained why it doesn't make sense to do so.

[spatten]

This looks great. Thank you!

Unfortunately we can't merge your PR since our CI currently can't run for users outside our org (it gets a FOSSA_API_KEY from the repo's secrets), but we'll cherry pick your changes into a release soon and keep the registry updated from there.

I'm going to close this PR for now but will @mention you on the PR that cherry picks your commits, which we'll add soon. Thank you so much for contributing this!

[spatten]

Here's the new PR: #47