Add a profile for enforcing lightweight dependabot configuration

[rdimitrov]

The following PR adds a profile that would enforce a lightweight Dependabot configuration reflecting the ecosystem of the project.

It covers Go, Python and JavaScript. It also enables the github-actions by default.

Fixes: https://github.com/stacklok/minder-stories/issues/129

Depends on #227

[rdimitrov]

I've tested this profile along another profile that has the dependabot_configured ruletype and they don't conflict, or at least not in a bad way.

For example, if the repo doesn't have dependabot enabled:

• Both ruletypes will fail and if remediation is enabled, both will open PRs
• Merging the enforce one, would satisfy both rules and the 2nd PR will be closed automatically by Minder
• Merging the dependabot_configured one would not satisfy the enforce one and so only 1 of the rules will be satisfied leaving the other PR opened.

I consider this behaviour to be expected and not conflicting, but I'm open to discuss it of course.