Github specific workflow refactors and documentations

[jamesrweb]

Proposed Changes

• Update configurations in the .github directory
• Adapt the Dependabot workflow
• Try to make CI / CD be more declarative

Additional Notes (optional)

I would like to discuss the idea of enforcing conventional commits so that we can also auto-generate a changelog but what do you think of this @yevdyko? I think this would help to add more context for releases but it does mean the overhead of enforcing the commit style to achieve that end. That's the main trade-off but I think it could be worthwhile, I'm interested in your feedback on that.

Also, what is your plan for the workflows repository and the p5 2.x.x migration we discussed? As an update from my side, the q5 flows are almost finished and I just need to adapt the tests and change a couple of the types now before making the PR for that topic.

[github-advanced-security]

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

[github-actions]

Coverage report for commit: c2570c8
File: ./coverage/clover.xml

Cover ┌─────────────────────────┐ Freq.
   0% │ ░░░░░░░░░░░░░░░░░░░░░░░ │  0.0%
  10% │ ░░░░░░░░░░░░░░░░░░░░░░░ │  0.0%
  20% │ ░░░░░░░░░░░░░░░░░░░░░░░ │  0.0%
  30% │ ░░░░░░░░░░░░░░░░░░░░░░░ │  0.0%
  40% │ ░░░░░░░░░░░░░░░░░░░░░░░ │  0.0%
  50% │ ░░░░░░░░░░░░░░░░░░░░░░░ │  0.0%
  60% │ ░░░░░░░░░░░░░░░░░░░░░░░ │  0.0%
  70% │ ░░░░░░░░░░░░░░░░░░░░░░░ │  0.0%
  80% │ ░░░░░░░░░░░░░░░░░░░░░░░ │  0.0%
  90% │ ░░░░░░░░░░░░░░░░░░░░░░░ │  0.0%
 100% │ ███████████████████████ │ 100.0%
      └─────────────────────────┘
 *Legend:* █ = Current Distribution 

Summary - Lines: 100.00% | Methods: 100.00% | Branches: 91.30%

Files	Lines	Methods	Branches
src/components
ReactP5Wrapper.tsx	100.00%	100.00%	100.00%
ReactP5WrapperGuard.tsx	100.00%	100.00%	72.73%
ReactP5WrapperWithSketch.tsx	100.00%	100.00%	88.89%
src/constants
P5WrapperClassName.ts	100.00%	100.00%	100.00%
src/contracts
CanvasInstanceRef.ts	100.00%	100.00%	100.00%
InputProps.ts	100.00%	100.00%	100.00%
P5CanvasInstance.ts	100.00%	100.00%	100.00%
P5WrapperProps.ts	100.00%	100.00%	100.00%
P5WrapperPropsWithSketch.ts	100.00%	100.00%	100.00%
Sketch.ts	100.00%	100.00%	100.00%
SketchProps.ts	100.00%	100.00%	100.00%
WithChildren.ts	100.00%	100.00%	100.00%
Wrapper.ts	100.00%	100.00%	100.00%
WrapperRef.ts	100.00%	100.00%	100.00%
src
main.tsx	100.00%	100.00%	100.00%
src/utils
createCanvasInstance.ts	100.00%	100.00%	100.00%
logErrorBoundaryError.ts	100.00%	100.00%	100.00%
propsAreEqual.ts	100.00%	100.00%	100.00%
removeCanvasInstance.ts	100.00%	100.00%	100.00%
updateCanvasInstance.ts	100.00%	100.00%	100.00%
withoutKeys.ts	100.00%	100.00%	100.00%

_{🤖 comment via lucassabreu/comment-coverage-clover}

[yevdyko]

Thanks for the improvements — everything looks good! Regarding conventional commits, I’m personally not a big fan of them, especially for small projects with few contributors. That said, I don’t mind if you’d like to adopt this approach. The only thing I’d ask: could we avoid using emojis in commit messages? It feels a bit too much for my taste 🙂

Since you've updated all the workflow configurations here, I can extract the shared ones to the workflows repository after this PR is merged.

Could you remind me of the details about the p5 2.x.x migration? This topic slipped my mind

[yevdyko]

Suggested change

	- [ ] ❓Other
	- [ ] ❓ Other

[jamesrweb]

We need to upgrade p5 to v2.x.x and adapt implementation & the tests. I guess it makes sense to go into v5 before it's properly released since it's a breaking change. Or we release v5 as is and make v6 for the p5 upgrade but I don't think it makes sense to do 2 major upgrades in the space of a few weeks / months. What do you think?