Adds a workflow that, on Dependabot PRs, rebuilds the ncc-bundled dist/
and pushes it back onto the PR branch, so a dependency bump and its
matching dist/ land in a single PR and the validate workflow stays green.
Pushing the dist commit uses GH_PAT (the default GITHUB_TOKEN is read-only
on Dependabot runs and its pushes do not re-trigger checks). The job is a
no-op until GH_PAT is available as a Dependabot secret.
Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>