cjolowicz/cookiecutter-hypermodern-python

daily dependabot check with windows and macos matrix can be expensive for private GitHub projects

philvarner opened this issue · 1 comments

I recently created my first project with cookiecutter-hypermodern-python, but was surprised by how much cost was incurred by the GH Actions. For a public repo this likely doesn't matter, but if the repo is private, then the costs can be substantial. There is a large version matrix by default, and 15 jobs are run. Daily dependabot means a lot of jobs get triggered for the numerous dependencies that exist by default.

One issue is that windows jobs are 2x the cost and macos jobs are 10x the cost. This adds up, especially when one of the jobs (for whatever reason) hangs for a while -- I saw some of my jobs take 45 minutes to complete in a project with one python file and no actual tests.

My suggestion would be:

  • change dependabot frequency from daily to weekly
  • include the entries for macos and windows, but comment them out by default

And also add only one version of Python to run all tests (say 3.10); most people are going to just install a specific version of Python inside their Dockerfile at the end of the day. An even better suggestion is to ask for a comma-separated list of Python versions and operating systems on which you want to run this in the CLI at the start.