Add Dependabot for automated dependency updates

- Configure Dependabot to check for updates weekly (Mondays)
- Group related packages (TypeScript ESLint, Jest, Puppeteer, ESLint)
- Enable GitHub Actions updates
- Add dependency management section to CLAUDE.md
- All current packages are up to date with no vulnerabilities

Author: pdugan20

.github/dependabot.yml

@@ -0,0 +1,44 @@
+version: 2
+updates:
+  # Enable version updates for npm
+  - package-ecosystem: "npm"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+      day: "monday"
+    open-pull-requests-limit: 10
+    groups:
+      # Group all TypeScript ESLint packages together
+      typescript-eslint:
+        patterns:
+          - "@typescript-eslint/*"
+      # Group all Jest/testing packages together
+      jest:
+        patterns:
+          - "jest"
+          - "@types/jest"
+          - "ts-jest"
+      # Group Puppeteer packages together
+      puppeteer:
+        patterns:
+          - "puppeteer*"
+      # Group ESLint packages together
+      eslint:
+        patterns:
+          - "eslint*"
+        exclude-patterns:
+          - "@typescript-eslint/*"
+    # Automatically merge patch and minor updates for dev dependencies
+    labels:
+      - "dependencies"
+      - "automated"
+
+  # Enable version updates for GitHub Actions
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+      day: "monday"
+    labels:
+      - "github-actions"
+      - "automated"

CLAUDE.md

@@ -162,6 +162,14 @@ npm run format:check              # Check if code is formatted
 - `commander` for CLI
 - `chalk` + `ora` for terminal UI
 
+**Dependency management:**
+- Dependabot configured in `.github/dependabot.yml`
+- Runs weekly checks every Monday
+- Groups related packages (TypeScript ESLint, Jest, Puppeteer, ESLint)
+- Creates PRs automatically for updates
+- Check security: `npm audit`
+- Check outdated: `npm outdated`
+
 ## When Libby Changes
 
 **CRITICAL monitoring points:**