Dependabot not checking versions properly

[AlvaroBrey]

As outlined in #20 and dependabot/dependabot-core#3286, dependabot does not respect the repositories defined in settings.gradle and instead uses some default repos (jcenter, maven central, and plugins.gradle.org), which means dependencies from google's maven repo are never updated. Check this run for example.

Alternatives to get automated version updates right now:

1. Move to the old way of defining repos in repositories blocks at script level.
2. Try using renovatebot instead of dependabot. It's more maintained at least, and this usecase should work.

This is not urgent as this repo does not have that many dependencies, but as it grows it will become worse.

[tobiasKaminsky]

Strange that this is not requested more often, as dependabot is now default on GitHub and there are lots of Android repositories…

[AlvaroBrey]

If we get Renovate working on the config repo and it works well (https://github.com/nextcloud/android-config/pull/22/files), we may want to use it here as well for Gradle. That may fix this issue.

[AndyScherzinger]

implemented renovate via #251