@uknownothingsnow
Owner

Summary

This PR introduces automated dependency management using Dependabot with intelligent auto-merge capabilities and comprehensive CI/CD workflows to improve project maintenance and security.

Changes Made

🤖 Dependabot Auto-Merge Workflow

  • File: .github/workflows/dependabot-auto-merge.yml
  • Automatically merges Dependabot PRs when all tests pass
  • Smart merge logic:
    • ✅ Auto-merges patch and minor version updates
    • ⚠️ Requires manual review for major version updates
    • 🔍 Uses Dependabot metadata to make informed decisions

🔄 Continuous Integration Workflow

  • File: .github/workflows/ci.yml
  • Runs comprehensive build and test suite on all PRs and pushes
  • Ensures code quality and prevents regressions
  • Compatible with existing Android project structure

📦 Dependabot Configuration

  • File: .github/dependabot.yml
  • Gradle dependencies: Weekly updates on Mondays
  • GitHub Actions: Weekly updates on Mondays
  • Proper labeling, reviewer assignment, and PR limits
  • Organized commit messages with prefixes

Technical Details

Build & Test Strategy

  • Uses JDK 8 to match project requirements
  • Gradle caching for faster builds
  • Graceful handling of missing test tasks
  • Comprehensive error reporting with stack traces

Security & Safety Features

  • Only auto-merges when CI passes completely
  • Conservative approach for major version changes
  • Built-in GitHub auto-merge for additional safety
  • Clear commenting on PRs requiring manual review

Project Compatibility

  • Designed for older Android project structure
  • Handles legacy Gradle versions (1.0.1)
  • Fallback mechanisms for missing test configurations
  • No breaking changes to existing workflow

Benefits

  • 🔒 Enhanced Security: Automatic security updates
  • Reduced Maintenance: Automated routine updates
  • 🛡️ Risk Mitigation: Only safe changes auto-merge
  • 📊 Better Visibility: CI status on all changes
  • 🎯 Focused Reviews: Manual attention only where needed

Testing

The workflows include:

  • Project build verification
  • Unit test execution (when available)
  • Android instrumentation tests (when available)
  • Graceful degradation for missing test suites

Future Considerations

This setup provides a foundation for:

  • Automated security vulnerability patching
  • Consistent dependency update scheduling
  • Improved code quality through CI enforcement
  • Reduced manual maintenance overhead

The implementation is conservative and safe - it will only auto-merge when there's high confidence the changes won't break anything.


- Add Dependabot auto-merge workflow that merges PRs when tests pass
- Only auto-merge patch and minor version updates
- Require manual review for major version updates
- Add general CI workflow for all pull requests
- Add Dependabot configuration for Gradle and GitHub Actions dependencies
- Configure weekly dependency update schedule
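
The merge rule described in the PR summary above (patch and minor updates auto-merge, major updates wait for review), written out as a workflow. This is an added example, not the PR's own `dependabot-auto-merge.yml`, whose contents do not appear on this page. It assumes auto-merge is enabled for the repository, that the CI check is a required status check on the target branch (which is what makes `--auto` wait for CI), and that the `dependabot/fetch-metadata` action is used at the `@v2` tag.

```yaml
# Added example: assumed file layout and job names, not taken from the PR.
name: Dependabot auto-merge

on: pull_request

# Least privilege: only the scopes `gh pr merge` and `gh pr comment` need.
permissions:
  contents: write
  pull-requests: write

jobs:
  auto-merge:
    runs-on: ubuntu-latest
    # Check the PR author rather than github.actor, which names whoever
    # triggered this particular run.
    if: github.event.pull_request.user.login == 'dependabot[bot]'
    steps:
      - name: Fetch Dependabot metadata
        id: metadata
        # Assumed version tag; pin to a full commit SHA you have reviewed.
        uses: dependabot/fetch-metadata@v2
        with:
          github-token: ${{ secrets.GITHUB_TOKEN }}

      - name: Enable auto-merge for patch and minor updates
        if: >-
          steps.metadata.outputs.update-type == 'version-update:semver-patch' ||
          steps.metadata.outputs.update-type == 'version-update:semver-minor'
        # --auto only queues the merge; required status checks still gate it.
        run: gh pr merge --auto --squash "$PR_URL"
        env:
          PR_URL: ${{ github.event.pull_request.html_url }}
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}

      - name: Flag major updates for manual review
        if: steps.metadata.outputs.update-type == 'version-update:semver-major'
        run: gh pr comment "$PR_URL" --body "Major version update: manual review required."
        env:
          PR_URL: ${{ github.event.pull_request.html_url }}
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
```

If the CI check is not marked as required in branch protection, nothing holds the queued merge back, so the "only when CI passes" property depends on that repository setting rather than on this file.
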
@openhands-ai

openhands-ai bot commented Jun 13, 2025

Looks like there are a few issues preventing this PR from being merged!

  • GitHub Actions are failing:
    • CI
    • CI

If you'd like me to help, just leave a comment, like

@OpenHands please fix the failing actions on PR #13

Feel free to include any additional details that might help me get this PR into a better state.
