Make Dependabot merges automatically release patch version

Ideally make Dependabot directly from its PR update the changelog and package.json version

Failing that, create a workflow which automatically bumps the version for Dependabot merges