add dependbot and modify the github token permission

[China-zoupanpan]

Labels (hint)

Choose the obligatory labels:

• "ctg" (category): enhancement,

Title (hint)

add dependbot and modify the github token permission

Description

add dependbot and modify the github token permission to enhance security

How to test

Automated tests

Please specify the automated tests for your code changes: you should either mention the existing tests or add the new ones.

For example:

The proposed changes are verified with tests:
utbot-fuzzing/src/test/kotlin/org/utbot/fuzzing/FuzzerSmokeTest.kt

Manual tests

If it is impossible to provide the automated tests, please reason why. Usually, it is relevant only for UI- or documentation-related PRs.
If this is your case, share the detailed manual scenarios that help to verify your changes.

Self-check list

Check off the item if the statement is true. Hint: [x] is a marked item.

Please do not delete the list or its items.

• I've set the proper labels for my PR (at least, for category and component).
• PR title and description are clear and intelligible.
• I've added enough comments to my code, particularly in hard-to-understand areas.
• The functionality I've repaired, changed or added is covered with automated tests.
• Manual tests have been provided optionally.
• The documentation for the functionality I've been working on is up-to-date.

[github-advanced-security]

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.