Modify renovate config for better experience (#7605)

## Summary

This PR includes 3 somewhat related changes, which should help maintain
a better experience and keep the repo somewhat more secure:
1. Pin github actions to hashes instead of versions automatically, this
is desirable because github-actions have mutable releases, and no
guarantee the code and the release matches, a fact which has been
repeatedly abused in recent years.
2. Split the lock file updates by ecosystem, so they don't get blocked
on unrelated issues.
3. Instead of automerging patch/minor releases, only do that once a
dependency is "stable" in semver terms (post 1.0)

Signed-off-by: Adam Gutglick <adam@spiraldb.com>

Author: AdamGS

renovate.json

@@ -2,15 +2,15 @@
   "$schema": "https://docs.renovatebot.com/renovate-schema.json",
   "extends": [
     "config:recommended",
-    ":automergePatch",
-    ":automergeMinor",
+    ":automergeStableNonMajor",
     ":automergePr",
     ":automergeRequireAllStatusChecks",
     ":combinePatchMinorReleases",
     ":dependencyDashboard",
     ":separateMultipleMajorReleases",
     ":configMigration",
     "group:rust-futuresMonorepo",
+    "helpers:pinGitHubActionDigests",
     "schedule:earlyMondays",
     "docker:disable"
   ],
@@ -60,6 +60,36 @@
       "matchSourceUrls": [
         "https://github.com/hyperium/tonic"
       ]
+    },
+    {
+      "groupName": "Rust lock file maintenance",
+      "groupSlug": "rust-lock-file-maintenance",
+      "matchManagers": [
+        "cargo"
+      ],
+      "matchUpdateTypes": [
+        "lockFileMaintenance"
+      ]
+    },
+    {
+      "groupName": "Python lock file maintenance",
+      "groupSlug": "python-lock-file-maintenance",
+      "matchManagers": [
+        "pep621"
+      ],
+      "matchUpdateTypes": [
+        "lockFileMaintenance"
+      ]
+    },
+    {
+      "groupName": "JS lock file maintenance",
+      "groupSlug": "js-lock-file-maintenance",
+      "matchManagers": [
+        "npm"
+      ],
+      "matchUpdateTypes": [
+        "lockFileMaintenance"
+      ]
     }
   ],
   "customManagers": [
@@ -77,4 +107,4 @@
       "extractVersionTemplate": "^v?(?<version>.*)$"
     }
   ]
-}
+}