Dependency updates for the v0.6 branch

[FlorianHockmann]

Dependabot currently only creates PRs for master and we use a backporting approach to get some of them also into the v0.6 branch.
This however has several limitations:

• Dependencies that only exist on v0.6, but not on master won't get any updates.
• Backports for dependencies that are configured in a different place, e.g., a different pom.xml, won't work automatically (and we usually won't put in the manual effort to find the correct place on v0.6 to also apply the update there).
• Dependencies that have a different major version on v0.6 also cannot be updated with the backporting approach.

I think these issues are not really special for our new backporting approach as they have basically existed similarly before where we applied dependency updates to v0.6 and then merged them into master as that for example also didn't work for dependencies that were only present on master.

This problem is probably responsible for at least some of the vulnerabilities found in the 0.6.3 Docker image, but not in 1.0.0-rc2 as reported in this issue: JanusGraph/janusgraph-docker#129.

One solution for this is that we disable backporting for Dependabot and instead configure Dependabot to also create PRs directly for v0.6 (and in the future for all other supported releases branches). This of course means that we will get duplicate PRs for some dependencies for master and v0.6, but it should avoid the limitations I mentioned above.

Are there any other ideas? Or any reason against using this approach?