ci: switch to renovate for dependency updates

[erhancagirici]

Description of your changes

Switches to Renovate for dependency updates and drops Dependabot configuration, to align with the rest of the ecosystem.

• Remove .github/dependabot.yml (previously configured only for daily gomod updates)
• Add .github/renovate.json5 with a comprehensive Renovate configuration covering Go modules, GitHub Actions, and CI tooling versions

Renovate configuration highlights

• Caps concurrent PRs at 5 to avoid noise
• Labels all automated PRs with automated and renovate
• Runs go mod tidy after Go module updates (postUpdateOptions)
• Security-related bumps are always enabled

Go module updates

• Kubernetes ecosystem packages (k8s.io/**, sigs.k8s.io/**): patch/digest bumps are grouped into a single PR; minor/major bumps get individual PRs
• k8s.io/client-go pinned to < 1.0 to avoid the legacy tag noise from the semantic version migration

GitHub Actions

• Minor/patch action bumps grouped into a single PR with digest pinning
• Major action bumps get individual PRs with digest pinning

CI tooling — custom regex managers

• Go
• golangci-lint
• Docker Buildx (for CI)
• uptest (for e2e tests)
• kind version (for e2e test)
• Crossplane version (for CI tests)
• Crossplane CLI (for CI tests and xpkg build)

Following are grouped into single PR:

• Crossplane and Crossplane CLI versions
• golangci-lint bumps in Makefile and CI env vars.
• Go version bumps across go.mod and workflow env vars

I have:

• Read and followed Crossplane's contribution process.
• Run make reviewable to ensure this PR is ready for review.

How has this code been tested

static check with renovate-config-validator --strict
local renovate run