ci(renovate): disable pinning dependencies

We shouldn't pin dependencies unless we have to.

This is for two reasons:

- If a dependency has a security issue, users should be able to
  easily update the dependency, before `mermaid` makes a new release
- If using `mermaid.core.js` in an app, using a dependency range
  means that users can bundle less dependencies.
  E.g. they won't need to bundle `lodash@4.17.y` just becasue mermaid
  needs `lodash@4.17.x`.

For development/CI, our dependencies are pinned by pnpm-lock.yaml
file anyway.

renovate.json

@@ -12,7 +12,7 @@
   ],
   "packageRules": [
     {
-      "matchUpdateTypes": ["minor", "patch", "pin", "digest"],
+      "matchUpdateTypes": ["minor", "patch", "digest"],
       "automerge": true
     }
   ],