Relocate nuget.config to dependabot dir

[brrygrdn]

See: dependabot/dependabot-core#3724

Hi @SwiftMJ - I've been looking into this issue, I noted that the Dependabot code that looks for Nuget sources does check the nuget.config here

I used the dry run script in dependabot-core to see what was happening:

bin/dry-run.rb nuget "SwiftMJ/DependabotTest" --dir="/DependabotTest" --cache=files

Since the dry run didn't have access, or even know about the private registry, we get the opposite behaviour where Newtonsoft.Json is bumped by nothing is done about the private dependency, which is working as intended I think:

=> fetching dependency files
=> dumping fetched dependency files: ./dry-run/SwiftMJ/DependabotTest/DependabotTest
=> parsing dependency files
=> updating 2 dependencies: Newtonsoft.Json, Telerik.UI.for.Blazor

=== Newtonsoft.Json (12.0.3)
 => checking for updates 1/2
 => latest available version is 13.0.1
 => latest allowed version is 13.0.1
 => requirements to unlock: own
 => requirements update strategy:
 => updating Newtonsoft.Json from 12.0.3 to 13.0.1

    ± DependabotTest.csproj
    ~~~
    9c9
    < 		<PackageReference Include="Newtonsoft.Json" Version="12.0.3" />
    ---
    > 		<PackageReference Include="Newtonsoft.Json" Version="13.0.1" />
    ~~~

=== Telerik.UI.for.Blazor (2.23.0)
 => checking for updates 2/2
 => latest available version is
 => latest allowed version is 2.23.0
 => requirements to unlock: update_not_possible
 => requirements update strategy:
    (no update possible 🙅‍♀️)

The one thing I did notice is that the cache directory only had the following files:

➜  dependabot-core git:(main) tree dry-run/SwiftMJ/DependabotTest
dry-run/SwiftMJ/DependabotTest
└── DependabotTest
    ├── DependabotTest.csproj
    └── cache-manifest-nuget.json

I think it is expected that the nuget.config should live in the same path as the csproj file in order for the repo to be picked up.