github: tweak dependabot frequency (#1624)

* github: tweak dependabot frequency

Before:

* "Dependabot Security Alerts" was enabled
* Security Alerts scans All contents, so it creates noisy PRs.

After:

* Disable "Dependabot Security Alerts".
* Check github-actions in daily and create security updates PR at
once.
* Check bundler in daily and does not create both of security update
  and normal update because it will not be intended to update by
  dependabot..

Signed-off-by: Kentaro Hayashi <hayashi@clear-code.com>

* github: generate dependabot.yml

Signed-off-by: Kentaro Hayashi <hayashi@clear-code.com>

---------

Signed-off-by: Kentaro Hayashi <hayashi@clear-code.com>

Author: kenhys