chore(ci): enhance Dependabot configuration for GitHub Actions and Pub packages

[xsahil03x]

Summary by CodeRabbit

• Chores
  • Consolidated automated dependency-update configuration: grouped package/workflow updates, limited concurrent open PRs, standardized commit prefixes, and added rules to ignore semver-patch action updates.
  • Updated conventional PR title scopes: removed outdated entries, reordered and added scopes (including core, localization, persistence, ci, deps, samples) for more consistent PR validation and changelog generation.

[coderabbitai]

Walkthrough

Consolidates Dependabot configuration to group GitHub Actions and pub package updates with limits and commit-message prefix; updates the PR-title workflow scopes by removing doc, reordering, and adding scopes (core, localization, persistence, ci, deps, samples).

Changes

Cohort / File(s)	Summary
Dependabot configuration .github/dependabot.yml	Merges multiple entries into grouped configs: adds open-pull-requests-limit: 10, groups all-actions (pattern ["*"]) and all-dependencies (multi-directory directories: [...]), sets commit-message prefix chore(deps), weekly schedule, and ignores semver-patch for actions.
PR title workflow scopes .github/workflows/pr_title.yml	Updates conventional_pr_title job scopes input: removes doc, reorders and expands scopes to llc, core, ui, localization, persistence, ci, deps, repo, samples; no other workflow steps changed.

Sequence Diagram(s)

sequenceDiagram
  autonumber
  actor Dependabot as Dependabot (weekly)
  participant Repo as GitHub Repo
  participant PR as Pull Request
  participant CI as pr_title Workflow

  rect rgb(245,250,255)
    note over Dependabot,Repo: Dependabot groups updates\n(GitHub Actions & pub packages) and uses\ncommit prefix "chore(deps)" with limits
    Dependabot->>Repo: Open grouped PR(s)
    Repo->>PR: PR(s) created with chore(deps) commits
  end

  rect rgb(245,255,245)
    note over PR,CI: PR title checks use updated scopes
    PR->>CI: Trigger conventional PR title workflow
    CI->>CI: Validate commit/PR title scopes\n(llc, core, ui, localization, persistence, ci, deps, repo, samples)
    CI-->>PR: Report pass/fail
  end

Loading

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

• Review .github/dependabot.yml grouping and directory list for accuracy.
• Verify .github/workflows/pr_title.yml scopes input ordering and any callers/uses.

Suggested reviewers

• renefloor

Poem

I twitch my whiskers, neat and bright,
I bundle updates through the night.
Scopes sorted, titles trimmed just so,
A hop, a nudge — the workflow flows.
Carrot-coded cheer — merge-ready glow! 🥕

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title clearly and accurately summarizes the main changes: enhancements to Dependabot configuration for GitHub Actions and Pub packages, which directly matches the core modifications documented in the raw summary.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch chore/dependabot-improvements

---

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

Disabled knowledge base sources:

• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between b9a53b2 and 8d709cf.

📒 Files selected for processing (2)

• .github/dependabot.yml (1 hunks)
• .github/workflows/pr_title.yml (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (2)

• .github/dependabot.yml
• .github/workflows/pr_title.yml

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (5)

• GitHub Check: stream_chat_localizations
• GitHub Check: stream_chat_flutter
• GitHub Check: stream_chat_persistence
• GitHub Check: stream_chat_flutter_core
• GitHub Check: stream_chat

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

.github/dependabot.yml (1)

20-22: Reconsider ignoring patch-level updates for Actions.

Suppressing semver patch updates can hide important fixes (including some security remediations that are not flagged separately). Consider removing the ignore rule so Dependabot can surface those updates promptly.

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

Disabled knowledge base sources:

• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 1f501c0 and d15db89.

📒 Files selected for processing (2)

• .github/dependabot.yml (1 hunks)
• .github/workflows/pr_title.yml (1 hunks)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (5)

• GitHub Check: stream_chat_flutter_core
• GitHub Check: stream_chat_persistence
• GitHub Check: stream_chat
• GitHub Check: stream_chat_flutter
• GitHub Check: stream_chat_localizations

🔇 Additional comments (1)

.github/workflows/pr_title.yml (1)

21-41: Scopes update looks solid.

Appreciate the expanded scope list and inline documentation—this keeps PR title expectations aligned with the new Dependabot flows.

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

Disabled knowledge base sources:

• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 02a7068 and b9a53b2.

📒 Files selected for processing (1)

• .github/dependabot.yml (1 hunks)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (5)

• GitHub Check: stream_chat_persistence
• GitHub Check: stream_chat
• GitHub Check: stream_chat_flutter_core
• GitHub Check: stream_chat_localizations
• GitHub Check: stream_chat_flutter