[feature] Rate limit outgoing http requests

[jeffmendoza]

Is your feature request related to a problem? Please describe. GUAC pulls data from deps.dev, osv.dev, and soon ClearlyDefined. With a large graph, an instance might pull a lot of data. It would be best to rate limit outgoing requests.

Describe the solution you'd like This blog covers a simple design: https://medium.com/mflow/rate-limiting-in-golang-http-client-a22fba15861a using https://pkg.go.dev/golang.org/x/time/rate

We should make an http.RoundTripper to hande this and stack with other middleware for all GUAC outgoing clients. Similar to the existing user agent middleware: https://github.com/guacsec/guac/blob/82e3f8030ecfe6276c965d9a8ab225cee432d944/pkg/version/version.go