chore: re-enable Dependabot version updates (uv + github-actions)

Switch package-ecosystem from pip to uv to match the project's package
manager and uv.lock. Set open-pull-requests-limit to 5 (was 0, effectively
disabled). Add github-actions ecosystem to track Action version updates.

Security updates were already running via auto-detected uv ecosystem;
this enables proactive version updates on the same ecosystem.

Author: jstvz

.github/dependabot.yml

@@ -1,8 +1,14 @@
 version: 2
 updates:
-    - package-ecosystem: pip
+    - package-ecosystem: uv
       directory: "/"
       schedule:
           interval: weekly
           day: tuesday
-      open-pull-requests-limit: 0
+      open-pull-requests-limit: 5
+    - package-ecosystem: github-actions
+      directory: "/"
+      schedule:
+          interval: weekly
+          day: tuesday
+      open-pull-requests-limit: 5