rules_jvm_external

Add flag for turning off transitive closure expansion for maven_install

Open BenHenning opened this issue 3 years ago • 0 comments

I'm starting to see a need on my project for requiring all dependencies to be explicitly declared rather than automatically getting transitive dependencies pulled in by maven_install. While the transitive closure support is nice for smaller projects, it can introduce headaches in larger projects:

  • It can result in Android Studio picking the wrong dependency version when multiple are available in the build graph, but not all through Maven (I ran into this with protobuf today with no obvious workaround)
  • It can result in one-version violations since the dependency resolution seems to only work for the Maven dependency graph, whereas other parts of the build graph may be introducing common dependencies with different versions (which means that mixed source/Maven dependency graphs don't play well together despite the former being recommended as a Bazel best practice)
  • It makes auditing the full list of third party dependencies harder

It seems like the strict_visibility argument gets us slightly closer in that it avoids unintentionally depending on the wrong version in project code, but it doesn't prevent Maven dependencies themselves from pulling in incorrect versions.

BenHenning, Mar 23 '21 00:03