We have configured dependabot to push security/vulnerability fixes to the security-fixes branch.

Snyk still pushes to main branch, we need to figure out how to ask snyk to raise prs against the security-fixes branch by default