feat(deps): configure Renovate

[fro-bot]

Welcome to Renovate! This is an onboarding PR to help you understand and configure settings before regular Pull Requests begin.

🚦 To activate Renovate, merge this Pull Request. To disable Renovate, simply close this Pull Request unmerged.

---

Detected Package Files

• components/gemini-imagegen/skills/gemini-imagegen/requirements.txt (pip_requirements)
• .github/renovate.json5 (renovate-config-presets)

Configuration Summary

Based on the default config's presets, Renovate will:

• Start dependency updates only once this onboarding PR is merged
• Use the global config preset for the @bfra-me organization.
• See the self-hosted Renovate action for details.
• Enable Renovate Dependency Dashboard creation.
• Use semantic commit type fix for dependencies and chore for all others if semantic commits are in use.
• Group known monorepo packages together.
• Use curated list of recommended non-monorepo package groupings.
• Show only the Age and Confidence Merge Confidence badges for pull requests.
• Apply crowd-sourced package replacement rules.
• Apply crowd-sourced workarounds for known problems with packages.
• Ensure that every dependency pinned by digest and sourced from GitHub.com contains a link to the commit-to-commit diff
• Correctly link to the source code for golang.org/x packages
• Link to pkg.go.dev/... for golang.org/x packages' title
• Pin Docker digests.
• Pin github-action digests.
• Enable Renovate configuration migration PRs when needed.
• Pin dependency versions for development dependencies.
• Recommended configuration for abandoned packages, treating packages without a release for 1 year as abandoned, while taking into account community-sourced overrides.
• Wait until the npm package is three days old before raising the update. This a) introduces a short delay to allow for malware researchers and scanners to (possibly) detect any malicious behaviour in packages, and b) prevents the maintainer and/or NPM from unpublishing a package you already upgraded to, breaking builds.
• Run lock file maintenance (updates) early Monday mornings.
• Require all status checks to pass before any automerging.
• Enable Docker major updates.
• Show OpenSSF badge on pull requests.
• Use @bfra-me replacements config presets.
• Add PR labels.
• Raise PR when vulnerability alerts are detected with label security, in addition to any existing list of PR labels.
• Automerge security updates to vulnerability alerts.
• Perform lockfile maintenance every Monday before 3 AM.
• Group minor and patch updates to @types devDependencies.
• Group React packages and types.
• Group all Rollup-related updates.
• Group Prettier packages together.
• Group all Vite related packages together.
• Update @elstudio/actions-settings digests in GitHub actions and workflows.
• Use the default Renovate config preset for the @bfra-me organization.

🔡 Do you want to change how Renovate upgrades your dependencies? Add your custom config to .github/renovate.json5 in this branch and select the Retry/Rebase checkbox below. Renovate will update the Pull Request description the next time it runs.

---

What to Expect

It looks like your repository dependencies are already up-to-date and no Pull Requests will be necessary right away.

---

❓ Got questions? Check out Renovate's Docs, particularly the Getting Started section.
If you need any further assistance then you can also request help here.

---

• If you want to rebase/retry this PR, click this checkbox.

---

This PR has been generated by Renovate Bot.