Fix warning[dependabot-cooldown]: insufficient cooldown in Dependabot updates

Author: hugovk

.github/dependabot.yml

@@ -5,4 +5,9 @@ updates:
     directory: "/"
     schedule:
       interval: monthly
+    cooldown:
+      # https://blog.yossarian.net/2025/11/21/We-should-all-be-using-dependency-cooldowns
+      # Cooldowns protect against supply chain attacks by avoiding the
+      # highest-risk window immediately after new releases.
+      default-days: 14
     open-pull-requests-limit: 10