
Evaluate switching from OWASP dependency check to an alternative dependency scanning approach #13467

@chadlwilson

Description

Currently there is quite a bit of infra/code required to support running ODC due to needing to cache its database.

Perhaps we can rely on dependabot more fully, if we upload the full dependency graph for Java dependencies to GitHub, e.g. via https://github.com/gradle/actions/blob/main/docs/dependency-submission.md ?

This would allow us to

  • avoid the need to cache the ODC DB at nexus.gocd.io
  • remove some complexity in the Gradle configurations

We'd need to

  • find a replacement way to document and maintain suppressions
  • update SECURITY.md
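As an added illustration of the approach proposed above (this is not the project's workflow, nor code from the issue author), a minimal GitHub Actions workflow that generates the resolved Gradle dependency graph and submits it to GitHub's Dependency Submission API so Dependabot alerts cover transitive Java dependencies. The branch name, Java version and the action's major version tag are assumptions; the `contents: write` permission is what the submission API needs to record the graph against the commit.

```yaml
# Added example, not the project's own workflow. Assumed: main branch, Java 17,
# gradle/actions/dependency-submission at its v3 major tag.
name: Dependency Submission

on:
  push:
    branches: [ 'main' ]

permissions:
  # Required so the action can write the dependency snapshot for this commit.
  contents: write

jobs:
  dependency-submission:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout sources
        uses: actions/checkout@v4

      - name: Setup Java
        uses: actions/setup-java@v4
        with:
          distribution: 'temurin'
          java-version: 17

      # Resolves all configurations, captures the full dependency graph and
      # uploads it; Dependabot then raises alerts against the submitted graph.
      - name: Generate and submit dependency graph
        uses: gradle/actions/dependency-submission@v3
```

Once a snapshot has been submitted, the repository's Dependency graph page shows the resolved Java dependencies, and alerts for them appear under Dependabot alerts, which is where findings previously covered by ODC suppressions would need to be dismissed (with a recorded reason) instead of maintained in a suppression file.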
