Move to Snyk for security checks

[pydanny]

PyUP just sent me notice that on August 1 all repos must be on paid plans.

• Find an alternative (Snyk preferred, I'll ask them if they can assist)
• Switch from PyUP to alternative

[rdegges]

No problemo! Snyk is happy to sponsor cookiecutter =) Will send DM with details.

[browniebroke]

I noticed today that our template dependencies aren't being kept up to date by dependabot, presumably due to a bug in the bot and also perhaps because we use uv in the template project.

Are there been any progress on this? @rdegges I would be happy to pick this up, I think I should have enough access to this repo looks like I need to be an org admin. Does Snyk support uv as package manager?

Alternatively, I've used Renovate which seemingly support everything under the sun (including uv) and is highly customisable. Also supports auto-merging after a delay for certain types of upgrades (patch/minor, but not major), hence reducing the maintenance efforts.