chore(deps): restrict dependabot to security-only updates (#290)

Set open-pull-requests-limit: 0 on all three ecosystems. Per Dependabot
docs, this disables version-update PRs while leaving security-advisory
PRs unaffected.

Author: viraatc

.github/dependabot.yml

@@ -5,21 +5,21 @@ updates:
     schedule:
       interval: "weekly"
       day: "monday"
-    open-pull-requests-limit: 1
+    open-pull-requests-limit: 0
     labels: ["dependencies", "security"]
 
   - package-ecosystem: "github-actions"
     directory: "/"
     schedule:
       interval: "weekly"
       day: "monday"
-    open-pull-requests-limit: 1
+    open-pull-requests-limit: 0
     labels: ["dependencies", "ci"]
 
   - package-ecosystem: "docker"
     directory: "/scripts"
     schedule:
       interval: "weekly"
       day: "monday"
-    open-pull-requests-limit: 1
+    open-pull-requests-limit: 0
     labels: ["dependencies", "docker"]