Automate upgrading transitive dependencies

Learn how to drive action on vulnerable transitive dependencies with OpenRewrite. Know all the transitive dependencies that require upgrading through the 'Find and fix vulnerable dependencies' recipe, then in the 'Upgrade transitive Gradle dependencies' recipe, add a constraint section to Gradle indicating the CVE that the constraint is helping to manage.

The same recipe applied via Moderne makes sure you're running the minimum fixed version for transitive dependencies on an entire organization's codebase.