ci(dependabot): set explicit open-pull-requests-limit on all ecosystems

[NotAProfDev]

What

Set open-pull-requests-limit: 5 explicitly on all three Dependabot ecosystems (cargo, github-actions, devcontainers) in .github/dependabot.yml, with a one-line comment on the cargo block noting it matches the version-update default.

Why

5 is already the default open-PR cap for version updates, so this is not a behavior change — it makes the cap visible and intentional in the config rather than implicit. Surfaced while comparing our config against an alternative that set the limit explicitly.

Not included

Deliberately left out of scope (and rejected from the alternative config):

• docker/Dockerfile ecosystem — we use devcontainers + devcontainer-lock.json; there is no Dockerfile.
• npm stub — no frontend/ exists yet.
• No change to cooldown, labels, groups, ignores, or commit prefixes.

Closes #33

🤖 Generated with Claude Code

Summary by CodeRabbit

• Chores
  • Limited the number of concurrent automated dependency update pull requests across supported update sources, helping keep repository updates more manageable.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro Plus

Run ID: 494f5867-2cfa-4cfe-a707-b5c491250f4c

📥 Commits

Reviewing files that changed from the base of the PR and between a789c6e and 60d1124.

📒 Files selected for processing (1)

• .github/dependabot.yml

---

📝 Walkthrough

Walkthrough

.github/dependabot.yml now sets open-pull-requests-limit: 5 for cargo, GitHub Actions, and devcontainers, with a comment added on the cargo entry.

Changes

Dependabot open PR limits

Layer / File(s)	Summary
Explicit pull request limits .github/dependabot.yml	open-pull-requests-limit: 5 is set for the cargo, GitHub Actions, and devcontainers schedules; the cargo block also adds a comment stating the value matches the default cap.

🎯 1 (Trivial) | ⏱️ ~5 minutes

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title uses Conventional Commits and accurately describes the Dependabot limit changes.
Linked Issues check	✅ Passed	The PR matches #33 by setting the limit on cargo, github-actions, and devcontainers and adding the cargo comment.
Out of Scope Changes check	✅ Passed	The changes stay within the Dependabot config scope and do not add unrelated ecosystems or settings.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch ci/dependabot-pr-limit

---

_{Comment @coderabbitai help to get the list of available commands.}