Hi @popey, first of all thank you for opening this task and revisiting that settings.
I would also like to freeze a specific snap version and update only some security vulnerabilities maybe.
Not sure if the following packages are in snap (yet), but their update caused a lot of trouble in the past for me and my projects: GCC, clang, CMake, curl. (change of behaviour, my projects did not compile anymore, etc).
I would like to have it in XFCE as well of course, but I can manage it in cmdline until then (to switch off automatic refresh)
Best regards.