Open lread opened 3 months ago

Currently

If a user hits a false positive, they might simply suppress it. See #55.

But...

If we encourage users to submit false positives (and potentially fixes) back to DependencyCheck, we improve tooling for everyone.

For example, here's me submitting a false positive for some jetty libs and here's my fix.

Next Steps

For this to be viable, we'd also need to report the `cpe` in findings.

And then describe/encourage in the `clj-watson` README.
I created #121 to deal with the cpe reporting. I'll make it part of 6.1.
Good idea, thanks!