* Also upgrade to maven-dependency-tree 3.0.1, maven-plugin-testing-harness 3.3.0, commons-lang3 3.8.1, junit 4.12
 * Upgraded maven-dependency-tree is a breaking change for uses of AbstractBanDependencies.getDependenciesToCheck, requiring a signature change from Project to ProjectBuildingRequest
 * Also removed all the default scoped fields from EnforcerRuleUtils that are not in use, and cleaned up the corresponding constructor
 * Also removed maven-compat, and updated affected code to use RepositorySystem and RepositoryRequest instead of ArtifactResolver, ArtifactFactory and manually tracking the local and remote ArtifactRepository entries.

     * Make all rules that use DependencyGraphBuilder use a common component
     * Use sisu-maven-plugin to allow the new common component to use annotations. Keeping the rules using explicit component lookups for now
     * Make the common DependencyGraphLookup component cache lookups for a dependency tree per MavenProject, so that even highly parallel builds can also avoid retrieving the dependency tree more than once per project

 * Add support for building dependency graphs with and without the default ConflictResolver transforming the graph, since some rules require the full conflicting tree to be able to see artifacts with conflicting versions
 * Upgrade to latest maven-invoker-plugin and mrm-maven-plugin
 * Add override for MAVEN_DEBUG_OPTS with maven-invoker-plugin, so mvnDebug can work with the outer build, without also triggering on the invoker build too
 * Also update DependencyGraphLookup to use @Inject for its dependencies, so it no longer needs a separate init phase