Setup dependency updates/freezing

[SocksTheWolf]

Currently, we just use whatever is the latest of these packages, but that can be an issue if any of our requirement modules has a major update. The goal is to update our requirements file so that it freezes properly.

Goals:

• Freeze the requirements file to the current latest versions
• Set up dependabot yml file to make sure that we are properly updating these modules.
• Have a github deploy action do a pip update whenever the requirements.txt updates

[user4752]

Reading the documentation on github actions and the package from https://github.com/dorny/paths-filter this appears to be the semantically correct way to perform an update on a file change. Syntax is probably incorrect.

jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v3
    - uses: dorny/paths-filter@v2
      id: filter
      with:
        filters: |
          deps_updated:
            - 'requirements.txt'
...
# Install SSH Key
# Update Python Project
...
    - name: Update python depedencies
      env:
        AUTHKEYNAME: ${{ vars.AUTH_KEY_NAME }}
      with:
        host: ${{secrets.SSH_HOST}}
        key: ${{secrets.SSH_KEY}}
        username: ${{secrets.SSH_USERNAME}}
        envs: AUTHKEYNAME
      if: steps.filter.outputs.deps_updated == 'true'
      script: |
          echo "Moving to project directory"
          cd ~/project/AntiScamBot
          echo "Updating requirements"
          pip install -r requirements.txt
          echo "Update success"