build: add on-demand dependency vulnerability scanning support

build: add OWASP Dependency-Check Gradle integration with NVD API key support
build: add conditional dependency suppression file support with unused-rule enforcement
build: remove dependency scanning from default check lifecycle and regular CI builds
build: keep gh-pages dependency report publication logic passive when report is absent

dependency-suppression.xml

@@ -0,0 +1,18 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd">
+    <!-- Add only reviewed, justified false positives. -->
+    
+    <!-- Example:
+    <suppress>
+        <notes><![CDATA[
+        False positive review:
+        - reason: Example package was matched to wrong CPE
+        - reviewed-by: Security Team
+        - reviewed-on: 2026-04-14
+        - remove-when: After upgrading the plugin or dependency metadata improves
+        ]]></notes>
+        <gav regex="true">^org\.example:acme-lib:.*$</gav>
+        <cve>CVE-2026-9999</cve>
+    </suppress>
+    -->
+</suppressions>