fix(repo-required-gate): exempt dependabot from the PR body/title contract #94

@ArchonVII

Description

Problem

The reusable repo-required-gate runs the strict PR body/title contract (scripts/pr-contract.mjs) on every non-draft PR. A dependabot PR body is generated and structurally cannot satisfy the contract (no ## Summary, no ## Verification with checked + evidence, no Closes #N), so pr contract fails and the required decision job is red — for every dependabot PR, on every consumer repo pinned to @v1.

This also blocks auto-merge-dependabot.yml: native auto-merge waits for required checks, which never go green. Major bumps (manual review) can't be merged without an admin bypass either.

A concrete instance: ArchonVII/hudson-bend#236 (actions/checkout 6→7, a major bump) is stuck red on pr contract + decision.

Proposed change

Add a pr-contract-exempt-bots input (comma-separated logins, default dependabot[bot], exact-match — NOT a blanket [bot] suffix). In the pr-contract job, after the existing draft skip, early-return (success) when pr.user.login is in the list. The dependency-review / language-CI / actionlint lanes still run and still gate merge via decision; only the human-authored body/title contract is skipped.

Acceptance Criteria

  • New pr-contract-exempt-bots input on repo-required-gate.yml, default dependabot[bot], documented; empty disables it.
  • A dependabot-authored PR makes pr contract conclude success (skipped) and decision green, with CI/dependency lanes still running.
  • A human-authored PR is unaffected (contract still enforced).
  • Default is exact-match dependabot only; arbitrary [bot] apps are NOT auto-exempted.
  • actionlint + vitest (workflow-structure) pass.
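As an added example (not code from the repository's scripts/pr-contract.mjs or its workflows), the exemption check the proposal describes, written as pure functions so the exact-match rule and the "skipped counts as success only for pr-contract" decision rule can be unit-tested. The function names and the PR payload shape (pr.draft, pr.user.login, as in the GitHub pull_request event) are assumptions.

```javascript
// Parse the comma-separated `pr-contract-exempt-bots` input into a Set of
// exact logins. Surrounding whitespace is ignored; an empty input yields an
// empty set, which disables the exemption entirely.
function parseExemptBots(input) {
  return new Set(
    (input ?? "")
      .split(",")
      .map((s) => s.trim())
      .filter((s) => s.length > 0),
  );
}

// Return the reason the body/title contract is skipped for this PR, or null
// when it must be enforced. Draft PRs are skipped first (the existing skip);
// then bot authors are matched by exact login only. A suffix test such as
// login.endsWith("[bot]") is deliberately NOT used: any GitHub App can choose
// a "<name>[bot]" login, so a suffix rule would let arbitrary apps bypass the
// contract. Human usernames cannot contain "[", so the default entry
// "dependabot[bot]" can only ever match the Dependabot app account.
function contractSkipReason(pr, exemptInput) {
  if (pr.draft) return "draft";
  const exempt = parseExemptBots(exemptInput);
  if (exempt.has(pr.user?.login)) return "exempt-bot";
  return null;
}

// The `decision` gate: every lane must conclude "success", except that the
// pr-contract lane may also be "skipped" (the early return above). A skipped
// dependency-review, language-CI or actionlint lane still blocks the merge.
function decision(laneConclusions) {
  return Object.entries(laneConclusions).every(
    ([lane, conclusion]) =>
      conclusion === "success" ||
      (lane === "pr-contract" && conclusion === "skipped"),
  );
}

// Constructed sample: a Dependabot PR with the default input.
const samplePr = { draft: false, user: { login: "dependabot[bot]" } };
const reason = contractSkipReason(samplePr, "dependabot[bot]");
const merged = decision({
  "pr-contract": reason ? "skipped" : "success",
  "dependency-review": "success",
  actionlint: "success",
});
console.log({ reason, merged }); // { reason: 'exempt-bot', merged: true }
```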
