
Feature Request: `@dependabot snooze`

Open jtannas opened this issue 3 years ago • 2 comments

Description

When I do not have the bandwidth to update a dependency, I would like to be able to hit "snooze" on updates for that dependency to temporarily ignore that dependency. It would be given as a command with similar syntax to the ignore command (e.g. `@dependabot snooze this major version for 14 days`).

Reasoning

Major version updates to foundational dependencies (e.g. Angular, Node, React, Ruby-on-Rails, Vue, etc.) often require a lot of extra work to get the code working with the new version. For teams that don't have the bandwidth to handle these upgrades right away, it would be nice to temporarily ignore those dependencies and then have dependabot open a PR at the end of it with the latest relevant version.

  • Reduces PR clutter from dependencies waiting to be upgraded
  • Reduces PR spam from the usual flurry of patches after a major release bump
  • Allows people to temporarily close dependabot PRs without having to either
    • remember to reopen them, or
    • hope a patch version PR arrives later to reopen it

Other Notes

I realize the code for anything time-related can quickly spiral out of control, so no worries if this turns out to be impractical. Thanks for the awesome tool! :bow:

jtannas, Dec 18 '21 00:12