ci: replace lock_upd job with Dependabot (#619)

With the added config we should get from Dependabot at most daily PRs on
breaking change releases of our direct upstream dependencies and at most
weekly PRs for Cargo.lock updates.

Author: newpavlov

.github/dependabot.yml

@@ -0,0 +1,19 @@
+version: 2
+updates:
+- package-ecosystem: cargo
+  directory: "/"
+  versioning-strategy: increase-if-necessary
+  schedule:
+    interval: daily
+  open-pull-requests-limit: 10
+- package-ecosystem: cargo
+  directory: "/"
+  versioning-strategy: lockfile-only
+  schedule:
+    interval: weekly
+  open-pull-requests-limit: 10
+- package-ecosystem: "github-actions"
+  directory: "/"
+  schedule:
+    interval: weekly
+  open-pull-requests-limit: 10