Exclude transitive dependencies from reporting

[grempe]

If running depsbot against any non-trivial project with a large number of dependencies will result in a large number of reports similar to:

1:21-1:68  warning  std@0.101.0 ~> std@0.105.0  outdated

This is not reporting that the projects dependencies are out of date, it is instead reporting the the projects dependencies are using older versions of Deno stdlib. This is not an issue that the project maintainer can resolve easily, nor is it necessarily a problem unless that version of stdlib has bugs related to the functionality being used.

It should be possible to turn off reporting for dependencies of dependencies.

Also related, the reports that are given are not easy to parse since they refer to hashed content in the local cache, and do not indicate what project actually has the dependency problem. e.g.

/Users/REDACTED_PATH/deno_dir/gen/https/deno.land/d73094cad3eb4f9dc58bec164942c5ae4cf79149db0adc9dca7f1b453d0c2e80.js
    1:21-1:67  warning  std@0.79.0 ~> std@0.105.0   outdated

Clicking on that link in Deno takes the user to source code, and it is left to the user to try to identify what project that source code might be a part of.

These issues quickly make this project very difficult to use in a Github action workflow since the rate of false positives makes it fail continuously.