
Provide assistance to users attempting to resolve vulnerable dependencies

Open bigdaz opened this issue 10 months ago • 0 comments

Because all dependencies are assigned to the settings.gradle.kts file, it can be difficult for users to work out how to fix vulnerable dependencies. (Attributing to a particular project would help a bit, but not entirely).

We could provide more assistance to users:

  • Add a central documentation page focussed on "understanding the GitHub Dependency Graph for your Gradle project"
    • This page should be succinct and point users to other, more complete documentation where necessary.
    • Top level, mention enabling Build Scans and running with debug logging.
  • Link to this documentation in the generated Job Summary

Although another report with full dependency information could be helpful, I think we already provide a sufficient mechanism via Build Scans, debug logging and existing Gradle dependency tasks. But these need to be more discoverable.

bigdaz, Apr 23 '24 08:04
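The issue above points to the existing Gradle dependency tasks as the way to work out where a flagged dependency comes from and how to fix it. The following is an added illustration of that workflow, not code from the plugin or from the issue author: a `build.gradle.kts` fragment that pins a transitively pulled-in library to a patched version with a dependency constraint. The coordinates `com.example:vulnerable-lib`, the versions, and the project name `app` are placeholders; substitute the coordinates reported in your Dependency Graph alert.

```kotlin
// build.gradle.kts for the project that owns the runtime classpath (placeholder project ":app").
//
// Step 1 (diagnosis, run from the shell): find which declared dependency drags the flagged
// artifact in, and on which configuration. dependencyInsight is a built-in Gradle task:
//
//   ./gradlew :app:dependencyInsight --dependency com.example:vulnerable-lib --configuration runtimeClasspath
//
// Adding --scan publishes a Build Scan with the full resolved graph; --debug logs every
// resolution decision if the insight report is not enough.
//
// Step 2 (fix): a constraint participates in conflict resolution like any other version
// request, so Gradle selects the patched version wherever the library is reached transitively.
// Unlike resolutionStrategy.force, a constraint cannot silently downgrade a consumer that
// already requests something newer.

plugins {
    `java-library`
}

dependencies {
    // Whatever direct dependency transitively brings in vulnerable-lib (placeholder).
    implementation("com.example:some-framework:2.0.0")

    constraints {
        // Placeholder coordinates and versions: use the ones from your alert.
        implementation("com.example:vulnerable-lib:1.2.4") {
            because("1.2.3 and earlier are flagged by the Dependency Graph; 1.2.4 contains the fix")
        }
    }
}

// Step 3 (verification): re-run the insight task; the report should now show
// "com.example:vulnerable-lib:1.2.3 -> 1.2.4" with the constraint as the selection reason.
// Committing the refreshed lockfile (if dependency locking is enabled) and re-running the
// Dependency Graph submission makes the alert close on the next push.
```

If the flagged artifact is only reachable through a plugin or buildscript classpath rather than a project configuration, the same `dependencyInsight` invocation works against `buildscript` configurations (for example `--configuration classpath`), and the constraint then goes in the corresponding `buildscript { dependencies { constraints { ... } } }` block.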