chore: Dependabot set-up refinement #2941

Open: wants to merge 2 commits into base: main
Conversation

jcsec-security

Dependabot aims to spot and fix outdated dependencies that are affected by publicly known vulnerabilities. It has been integrated in the monorepo for some time now, but the amount of uninteresting alerts it generates can get out of hand and hide the ones that should be prioritized.

The proposed changes aim to:

  • Reduce the number of alerts to those that are of interest.
    • Snooze alerts related to OpenZeppelin smart contracts: changes in the SCs require a thorough audit process before being deployed.
    • Snooze alerts related to TS/JS libraries (NPM in general): less relevant security-wise since, as far as I was told, those are merely a replacement for shell scripts for local development.
    • Snooze alerts where a patch is not available yet.
  • Auto-creation of PRs for alerts that the bot is able to fix on its own.
    • At the moment, Dependabot doesn't deal very well with the repo having 3 separate workspaces; in the past the bot was not able to auto-fix some alerts that were present.

This PR is the first step, the second being modifying Dependabot's config from the repo's security panel as shown below:

- Dependabot alerts -> enabled
  - Dependabot rules:
    - package:@openzeppelin/contracts
      - Rule `Dismiss alerts -> Indefinitely`
    - ecosystem:Rust
      - Rule `Dismiss alerts -> Until patch is available`, mark `Open a pull request to resolve alerts`
    - ecosystem:npm
      - Rule `Dismiss alerts -> Indefinitely`
- Dependabot security updates -> disabled
- Grouped security updates -> disabled
  - This might be useful, but I haven't tested it yet
- Dependabot version updates -> disabled
- Dependabot on Actions runners -> enabled
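The rule set above is entered by hand in the repository's security panel, which makes it hard to see what it will actually do to the existing alert backlog before it is switched on. The script below is an added example (not part of this PR and not the project's code) that re-implements the same three rules locally over alerts in the shape returned by `GET /repos/{owner}/{repo}/dependabot/alerts`, reconciles each decision with the alert's current state, and prints the `gh api` calls that would enact it, so the rules can be dry-run with `gh api` output before trusting the UI configuration. Assumptions: `OWNER`/`REPO` are placeholders; the alerts in `SAMPLE_ALERTS` are constructed, not real alerts from the repository; Cargo alerts are matched on the ecosystem label `rust` used by the alerts API; and since the UI's "Until patch is available" has no direct API flag, it is modelled as a dismissal that a later run reopens once `first_patched_version` is populated. The `dismissed_reason` values chosen per rule are the example's own mapping.

```python
"""Dry run of the Dependabot alert triage rules described in the PR above.

Added example, not the project's own code and not GitHub's rule engine. It takes
alerts in the shape returned by `GET /repos/{owner}/{repo}/dependabot/alerts`,
applies the rules from the description, and emits the `gh api` calls that would
enact them, so the rule set can be checked against real alerts before it is
trusted. The alerts in SAMPLE_ALERTS are constructed for this example.
"""
import shlex
from dataclasses import dataclass
from typing import List, Optional

# Rule inputs from the PR description.
DISMISS_PACKAGES = {"@openzeppelin/contracts"}  # contracts are audited, not bot-patched
DISMISS_ECOSYSTEMS = {"npm"}                     # JS/TS tooling used for local dev only
AUTOFIX_ECOSYSTEMS = {"rust"}                    # Cargo crates; the alerts API labels them "rust"

# dismissed_reason values accepted by PATCH /repos/{o}/{r}/dependabot/alerts/{n}.
VALID_REASONS = {"fix_started", "inappropriate", "no_bandwidth", "not_used", "tolerable_risk"}


@dataclass(frozen=True)
class Decision:
    number: int
    action: str                   # "dismiss", "snooze", "open_pr" or "keep"
    reason: Optional[str] = None  # dismissed_reason to send for dismiss/snooze
    comment: str = ""


def triage(alert: dict) -> Decision:
    """Evaluate the rules for one alert, ignoring its current state.

    Order matters: the package rule wins over the ecosystem rule, so an
    @openzeppelin/contracts alert is recorded as tolerable_risk, not not_used.
    """
    n = alert["number"]
    vuln = alert["security_vulnerability"]
    eco = vuln["package"]["ecosystem"].lower()
    name = vuln["package"]["name"]
    patched = vuln.get("first_patched_version")  # None when no fixed release exists
    if name in DISMISS_PACKAGES:
        return Decision(n, "dismiss", "tolerable_risk",
                        f"{name}: contract upgrades go through the audit process")
    if eco in DISMISS_ECOSYSTEMS:
        return Decision(n, "dismiss", "not_used", f"{eco}/{name}: local dev tooling only")
    if eco in AUTOFIX_ECOSYSTEMS:
        if patched is None:
            return Decision(n, "snooze", "no_bandwidth", f"{eco}/{name}: no fixed version yet")
        return Decision(n, "open_pr", comment=f"{eco}/{name}: fix in {patched['identifier']}")
    return Decision(n, "keep", comment=f"{eco}/{name}: no rule matched, review manually")


def plan(owner: str, repo: str, alert: dict) -> Optional[str]:
    """Reconcile a decision with the alert's current state into one API call, or None.

    "Until patch is available" has no API flag: the alert is dismissed now, and a
    later run that sees a dismissed alert whose rule now says open_pr reopens it.
    """
    d = triage(alert)
    state = alert["state"]  # open, dismissed, fixed or auto_dismissed
    base = f"gh api --method PATCH repos/{owner}/{repo}/dependabot/alerts/{d.number}"
    if d.action in ("dismiss", "snooze") and state == "open":
        assert d.reason in VALID_REASONS, d.reason
        return (f"{base} -f state=dismissed -f dismissed_reason={d.reason} "
                f"-f dismissed_comment={shlex.quote(d.comment)}")
    if d.action == "open_pr" and state == "dismissed":
        return f"{base} -f state=open"
    return None


def plan_all(owner: str, repo: str, alerts: List[dict]) -> List[str]:
    """All API calls the rule set would issue for a list of alerts, in input order."""
    return [cmd for a in alerts if (cmd := plan(owner, repo, a)) is not None]


def _alert(number, state, eco, name, patched):
    """Constructed alert covering the subset of the API shape the rules look at."""
    return {"number": number, "state": state,
            "security_vulnerability": {
                "package": {"ecosystem": eco, "name": name},
                "first_patched_version": None if patched is None else {"identifier": patched}}}


# Constructed sample, not real alerts from the repository.
SAMPLE_ALERTS = [
    _alert(101, "open", "npm", "minimist", "1.2.6"),
    _alert(102, "open", "npm", "@openzeppelin/contracts", "4.9.3"),
    _alert(103, "open", "rust", "time", None),               # no patch published
    _alert(104, "dismissed", "rust", "openssl", "0.10.55"),  # snoozed earlier, patch now out
    _alert(105, "open", "pip", "requests", "2.31.0"),        # no rule: left for a human
]

if __name__ == "__main__":
    for line in plan_all("OWNER", "REPO", SAMPLE_ALERTS):
        print(line)
```

On real data, feed it `gh api --paginate repos/OWNER/REPO/dependabot/alerts` and read the printed commands before running any of them; an alert that matches no rule (the `pip` sample) produces no call and stays open for manual review, which is the safe default when a new ecosystem shows up in the monorepo.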
