refactor: consolidate Dependabot dependency groups and remove placeholder pom.xml

[ramsessanchez]

Summary

Refactors the Dependabot configuration to reduce duplicate and noisy PRs by consolidating dependency groups across ecosystems. Mirrors changes from microsoftgraph/msgraph-sdk-java#2602.

Changes

Dependabot config (.github/dependabot.yml)

• Consolidated from 4 entries to 2 — single \gradle\ entry + \github-actions\
• Merged gradle directories — /, /java-8, and /android\ are now in one entry using the \directories\ key, so dependency bumps across these projects result in a single PR
• Removed the \maven\ ecosystem entry — the \pom.xml\ was only a placeholder for the dependency graph, which is now handled by the Gradle dependency submission action
• Added new dependency groups:
  • \�ndroid-build-tools\ — groups Android/Gradle plugin dependencies
  • \�ll-actions\ — groups all GitHub Actions updates into a single PR

Gradle dependency submission (.github/workflows/gradle-build.yml)

• Added \push\ trigger on \main\ branch
• Added a \dependency-submission\ job that uses \gradle/actions/dependency-submission@v4\ to submit the Gradle dependency graph to GitHub on push to \main\
• This replaces the role of the placeholder \pom.xml\ for powering GitHub's dependency graph and Dependabot security alerts

Cleanup

• *Deleted \pom.xml* — no longer needed as a placeholder
• *Removed pom.xml reference from
  elease-please-config.json* — version bumps no longer need to update pom.xml
• *Removed \�xclude 'pom.xml'\ from \�uild.gradle* — file no longer exists

Impact

• Fewer Dependabot PRs (no more duplicates between maven/gradle ecosystems)
• Better grouping of related dependency updates
• Dependency graph now powered natively by Gradle instead of a manually-maintained pom.xml

[sonarqubecloud]

Quality Gate failed

Failed conditions
1 Security Hotspot

See analysis details on SonarQube Cloud