fix: group Dependabot Actions PRs and fix DCO allowlist

- Add a Dependabot group to bundle all GitHub Actions updates into a
  single weekly PR instead of one per action
- Fix DCO allowlist: dependabot -> dependabot[bot] to match the actual
  GitHub username (the old value never matched, but there were no
  Dependabot PRs before #517 to expose the bug)

Author: andreatgretel

.github/dependabot.yml

@@ -4,6 +4,10 @@ updates:
     directory: /
     schedule:
       interval: weekly
+    groups:
+      all-actions:
+        patterns:
+          - "*"
     commit-message:
       prefix: "ci"
   - package-ecosystem: pip

.github/workflows/dco-assistant.yml

@@ -35,7 +35,7 @@ jobs:
           path-to-signatures: "dco-signatures.json"
           path-to-document: 'https://github.com/NVIDIA-NeMo/DataDesigner/blob/main/DCO'
           branch: 'signatures'
-          allowlist: dependabot
+          allowlist: dependabot[bot]
           create-file-commit-message: "chore: create file to store dco signatures"
           signed-commit-message: "chore: $contributorName has signed the dco in #$pullRequestNo"
           custom-notsigned-prcomment: "Thank you for your submission! We ask that $you sign our [Developer Certificate of Origin](https://github.com/NVIDIA-NeMo/DataDesigner/blob/main/DCO) before we can accept your contribution. You can sign the DCO by adding a comment below using this text:"