Automatically refresh dist files on Dependabot PRs

[ddbeck]

When upgrading @mdn/browser-compat-data, it'd be nice if Dependabot PRs automatically refreshed the dist files. Then it'd be easier to review the effects of the upgrade.

Here's one possible approach for this. When Dependabot upgrades BCD (as in #894), a GitHub Actions workflow ought to to do something like this:

1. If the PR branch matches the pattern dependabot/npm_and_yarn/mdn/browser-compat-data-, run npm run dist:refresh. The command must do what npm run dist does for every file with an existing .dist.yml file.
2. Commit and changes to .dist.yml files that result.
3. Push the changes back to the Dependabot PR branch.

dist.ts probably needs an option flag to just automatically find the applicable files, for this to work.

[foolip]

This sounds like a good idea. As a side effect, Dependabot would stop updating the PR. In order to make @dependabot recreate work, the GitHub Actions workflow could check the number of commits on the branch and push an update if it's exactly 1.

[captainbrosset]

On the WebDX CG call just now, from Daniel: would be nice to do, but hard, lot's of complications.
See also #4001.

[ddbeck]

To elaborate a little, the big hurdles are:

• If any keys are removed, a human being has to first read the release notes and determine if the keys were removed or if the keys were renamed. If they were removed, then strip them from the .yml files. If they were renamed, then figure out where the new target keys are find and replace them.
• The commit must be created by a bot account (you cannot use the GitHub Actions account for this). We don't have such an account, so we'd have to create one and decide who is going to control access to it, manage its tokens, etc.

That's what I know off the top of my head.