Add dependabot cooldown; bump Astro & esbuild

[coliff]

Add a 7-day cooldown to Dependabot update configs to reduce frequent PR noise. Add npm and VS Code Extension links to the website social links. Bump website dependency constraints for astro (to ^5.17.3) and esbuild (to ^0.27.3) and update the lockfile accordingly.

[gemini-code-assist]

Code Review

The pull request successfully updates the website dependencies to their latest versions and introduces a Dependabot cooldown to manage pull request frequency. The addition of the npm social link is a good improvement. However, the vscode icon specified for the VS Code Extension social link is not currently supported by Starlight's built-in social icon set, which will likely prevent the icon from rendering correctly in the site header.

[Copilot]

Pull request overview

This PR reduces Dependabot PR churn by adding a cooldown period, refreshes the website’s dependency versions (Astro/esbuild via lockfile), and expands the website’s social links to include npm and the VS Code extension.

Changes:

• Add cooldown: default-days: 7 to each Dependabot update configuration.
• Bump website’s astro dependency to ^5.17.3 and update website/package-lock.json accordingly (including updated esbuild entries under Astro).
• Add npm + VS Code Marketplace links to Starlight social links in the website config.

Reviewed changes

Copilot reviewed 3 out of 4 changed files in this pull request and generated 2 comments.

File	Description
.github/dependabot.yml	Adds cooldown settings to reduce frequent Dependabot PRs.
website/astro.config.mjs	Adds npm and VS Code Extension to the site’s social links.
website/package.json	Updates Astro version constraint for the website.
website/package-lock.json	Updates resolved dependency graph for Astro bump and related transitive deps (incl. esbuild under Astro).

Files not reviewed (1)

• website/package-lock.json: Language not supported