Refine Renovate config to reduce PR noise

- Disable pip_requirements manager: docs/requirements.txt restates
  packages already managed via Poetry dev-deps, so updates were
  duplicating across two PRs per package.
- Use rangeStrategy=update-lockfile for Poetry runtime deps so
  library users are not forced onto a newer minor than necessary
  (e.g., keep pydantic ^2.9 instead of bumping the floor to 2.13.3).
  Dev-deps and GitHub Actions still use the global "bump" strategy.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

Author: jtdub

.github/renovate.json

@@ -20,6 +20,17 @@
       "matchPackageNames": ["python"],
       "enabled": false
     },
+    {
+      "description": "Disable pip_requirements manager — docs/requirements.txt is a Read the Docs duplicate of Poetry dev-deps",
+      "matchManagers": ["pip_requirements"],
+      "enabled": false
+    },
+    {
+      "description": "For library runtime deps, only refresh the lockfile rather than raising the lower-bound constraint (keeps the library installable for users on older minor versions)",
+      "matchManagers": ["poetry"],
+      "matchDepTypes": ["dependencies"],
+      "rangeStrategy": "update-lockfile"
+    },
     {
       "description": "Keep major bumps as separate PRs so they can be reviewed deliberately",
       "matchUpdateTypes": ["major"],