Dependabot frequency

[Byron]

Discussed in #143

^{Originally posted by edward-shen July 30, 2021}
While keeping up to date is a good thing, frequent updates create a lot of noise and can be annoying. Perhaps we can configure it to once a week, or once a month?

We can take larger period between dependabot checks because we already run cargo deny in CI, so any urgent issues will be noticed quickly, where we manually update.

https://docs.github.com/en/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates#scheduleinterval