Backfill projects default branch to the vulnerability tracked refs table

One we create the security_projects_tracked_contexts table, we need to initialize it with the default branch of all existing projects that have vulnerabilities so that we can associate existing information to the default branch before enabling multiple branch tracking.

We should make sure that projects default branches are already automatically added to the tracked refs table before doing the backfill otherwise we'll have incomplete data.

We can do this using the standard Batched Background Migration functionality, iterating through projects and creating an appropriate default context branch for the default branch of that project. We will need to query the project to determine what the name of the default branch is so that this maps correctly to the value that we store in the security_projects_tracked_context record.