[FR]: Document the dependency update process

[SimonMarquis]

Is there an existing issue for this?

• I have searched the existing issues

Describe the problem

Now that we have enabled first party support for dependency updates #893, we should also go the extra mile to ensure a smooth and timely update process.

Pending dependabot updates are listed here:

• version update This is related to a library, API or SDK update which requires some work. Not just a version bump.
• https://github.com/android/nowinandroid/pulls?q=is%3Apr+is%3Aopen+sort%3Aupdated-desc+author%3Aapp%2Fdependabot

Describe the solution

1. Duplicating reviews and pinging maintainers is probably not a good solution...

2. The simpler solution would be to give review/write permission to more maintainers, but I understand that this could be difficult to set up, with legal concerns.

3. An alternative could be to implement an automated update process to approve and merge patch/minor updates when the build succeeds. This can be implemented with a custom workflow like this one (as documented here).

Additional context

We might also document the chosen solution (process, implications, etc.) in the main README.md for everyone to read.

Code of Conduct

• I agree to follow this project's Code of Conduct