Disable dependabot for auto-request-review for now

because you have to manually update the version tag comment.
It feels unsafe to trust third party git tags when you need to pass
MATZBOT_GITHUB_TOKEN to it. Git commit sha alone isn't human-readable
and I'm reluctant to remove the comment either. It doesn't seem worth
the effort to review changes for every release of this action.

.github/dependabot.yml

@@ -4,3 +4,6 @@ updates:
     directory: '/'
     schedule:
       interval: 'weekly'
+    ignore:
+      # It doesn't update the version comment for us
+      - dependency-name: 'necojackarc/auto-request-review'

.github/workflows/auto_request_review.yml

@@ -8,7 +8,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Request review based on files changes and/or groups the author belongs to
-        uses: necojackarc/auto-request-review@b5e81876454003a4ccb9b89cb205c67d77d7035b # v0.7.0, checking sha
+        uses: necojackarc/auto-request-review@b5e81876454003a4ccb9b89cb205c67d77d7035b # v0.8.0, checking sha
         with:
           # scope: public_repo
           token: ${{ secrets.MATZBOT_GITHUB_TOKEN }}