I'm not a fan of dependency-chasing (although it's not like this project has a lot of those), but apparently Dependabot can update actions (keeping them pinned), so it might be a good idea instead of having to browse every action repo every time to check the version updates and then find the hashes.
https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot
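
An added example, not part of the original comment or this project's configuration: a `.github/dependabot.yml` that enables the `github-actions` ecosystem covered by the linked documentation. The weekly interval and the group name `actions` are assumptions chosen for illustration.

```yaml
# .github/dependabot.yml (added example; values below are assumptions)
version: 2
updates:
  - package-ecosystem: "github-actions"
    # "/" makes Dependabot look at the workflow files under .github/workflows
    directory: "/"
    schedule:
      interval: "weekly"   # assumed cadence; "daily" and "monthly" are also valid
    groups:
      # Hypothetical group name: collects every action bump into one pull request
      actions:
        patterns:
          - "*"
```

With this in place, a step pinned as `uses: owner/action@<full-commit-sha>` gets a pull request proposing the new commit SHA when the action publishes a release, so the pin stays a hash rather than a mutable tag.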