Configure Dependabot updates to help keep packages and security vulnerabilities up to date #39
Open
Description
opened on Oct 22, 2024
While working on #37 we discovered that many of our Python dependencies and the Python versions we're using have been deprecated or have security vulnerabilities associated with them. This is in part due to the success of our services: we haven't needed to update them. Dependabot is already configured to identify security issues in this repository, but it hasn't been configured to open PRs to update packages. To help cut down on developer time spent doing this sort of maintenance and to more proactively address security issues we want to configure Dependabot to do this for us.
See:
- https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates
- https://docs.github.com/en/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates
Acceptance Criteria
- Dependabot configured to open PRs for security updates
- Dependabot configured to open PRs for relevant package ecosystems (GitHub Actions, `pip` for `requirements.txt` and `Pipfile`, Docker, etc.)
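As an added example of what the acceptance criteria could look like in practice (not a configuration taken from this repository), the following `.github/dependabot.yml` enables version updates for the three ecosystems named above. The schedule, labels, and group names are assumptions; the `pip` entry covers both `requirements.txt` and `Pipfile` as long as they live in the directory given, and the `docker` entry assumes a `Dockerfile` at the repository root. Note that Dependabot *security* updates are not turned on by this file: they are enabled separately under the repository's code security settings, and this file only controls *version* updates (setting `open-pull-requests-limit: 0` for an ecosystem would keep security PRs while suppressing routine version PRs).

```yaml
# .github/dependabot.yml (added example, not the repository's own file)
version: 2
updates:
  # GitHub Actions used in .github/workflows/*.yml; directory must be "/"
  - package-ecosystem: "github-actions"
    directory: "/"
    schedule:
      interval: "weekly"
    labels:
      - "dependencies"          # assumed label, adjust to the repo's labels
      - "github-actions"

  # Python packages: Dependabot's pip ecosystem reads requirements.txt,
  # Pipfile/Pipfile.lock and pyproject.toml found in this directory
  - package-ecosystem: "pip"
    directory: "/"
    schedule:
      interval: "weekly"
    open-pull-requests-limit: 10   # cap noise while the backlog is worked down
    labels:
      - "dependencies"
      - "python"
    groups:
      # batch non-breaking bumps into one PR; majors still get their own PR
      python-minor-and-patch:
        update-types:
          - "minor"
          - "patch"

  # Base image tags referenced by the Dockerfile at the repository root
  - package-ecosystem: "docker"
    directory: "/"
    schedule:
      interval: "weekly"
    labels:
      - "dependencies"
      - "docker"
```

Once committed to the default branch, Dependabot will open its first version-update PRs on the next scheduled run; a quick check that the file was picked up is the "Dependabot" tab under the repository's Insights > Dependency graph, which lists each configured ecosystem and the time of its last check.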