Adjust handling of GH action dependencies for CI/CD partnership

[trmartin4]

🎟️ Tracking

https://bitwarden.atlassian.net/browse/PM-14640

📔 Objective

As we have started to share ownership of our build pipelines between BRE and Platform, BRE no longer owns all of the github-action-managed dependencies. The current renovate.json results in misleading PR titles like #12706.

This PR does the following:

• Removes the addition of the BRE prefix for all github-action dependencies.
• Removes patch updates from the scope of PR creation.

❓ What will upcoming PRs look like?

• Patch updates will be ignored
• Minor updates will be grouped into a single PR, with no team-specific prefix, with the PR reviewer(s) determined by who owns the workflow files in which the dependencies are used (e.g. Platform would need to review build/lint/test workflows, BRE would need to review deploy/publish workflows).
  • 🤔 Note that we can do this since the workflow files have explicit CODEOWNERs defined, whereas other dependencies are updated in package.json which doesn't have an owner, so we have to assign the ownership in renovate.json.
• Major updates will be handled independently with PRs for each, with no team-specific prefix with the PR reviewer(s) determined by who owns the workflow files in which the dependencies are used

⏰ Reminders before review

• Contributor guidelines followed
• All formatters and local linters executed and passed
• Written new unit and / or integration tests where applicable
• Protected functional changes with optionality (feature flags)
• Used internationalization (i18n) for all UI strings
• CI builds passed
• Communicated to DevOps any deployment requirements
• Updated any necessary documentation (Confluence, contributing docs) or informed the documentation team

🦮 Reviewer guidelines

• 👍 (:+1:) or similar for great changes
• 📝 (:memo:) or ℹ️ (:information_source:) for notes or general info
• ❓ (:question:) for questions
• 🤔 (:thinking:) or 💭 (:thought_balloon:) for more open inquiry that's not quite a confirmed issue and could potentially benefit from discussion
• 🎨 (:art:) for suggestions / improvements
• ❌ (:x:) or ⚠️ (:warning:) for more significant problems or concerns needing attention
• 🌱 (:seedling:) or ♻️ (:recycle:) for future improvements or indications of technical debt
• ⛏ (:pick:) for minor or nitpick changes

[github-actions]

Checkmarx One – Scan Summary & Details – 3335dfa2-9d15-45f3-9eec-027302d7dfc5

Great job, no security vulnerabilities found in this Pull Request

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 34.13%. Comparing base (e1434d8) to head (98742e7).
Report is 60 commits behind head on main.

✅ All tests successful. No failed tests found.

Additional details and impacted files

@@           Coverage Diff           @@
##             main   #12818   +/-   ##
=======================================
  Coverage   34.13%   34.13%           
=======================================
  Files        2936     2936           
  Lines       90435    90435           
  Branches    16989    16989           
=======================================
  Hits        30869    30869           
  Misses      57109    57109           
  Partials     2457     2457           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.