openrewrite / rewrite-build-gradle-plugin

Common build logic for building OpenRewrite and recipe jars.
Apache License 2.0

Don't check jar file dependencies into source control #17

Open JLLeitschuh opened 1 year ago

JLLeitschuh commented 1 year ago

https://github.com/openrewrite/rewrite-build-gradle-plugin/blob/795ce9a144eff705758ce3bea45daeeeb73a83dc/src/main/java/org/openrewrite/gradle/RecipeDependenciesDownloadTask.java#L49-L52

These lines put the dependencies into a file managed by source control. Having large binaries checked into source control is both against git's best practices, and not a great idea from a security perspective.

Instead, the process resources task should be used to add additional resources to the set of resources that end up in the build/resources directory.

https://docs.gradle.org/current/dsl/org.gradle.language.jvm.tasks.ProcessResources.html
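
One way to wire up the approach suggested in this issue, shown as an added example in the Gradle Kotlin DSL; it is not code from the issue author or from rewrite-build-gradle-plugin. The configuration name `recipeClasspath`, the task name `stageRecipeJars`, the dependency coordinate and both directory paths are assumptions made for illustration.

```kotlin
// build.gradle.kts (added example; names, coordinate and paths are hypothetical)
plugins {
    `java-library`
}

repositories {
    mavenCentral()
}

// Resolvable-only configuration holding the jars that must ship as resources.
// Because Gradle resolves them, they are pinned by coordinate and version in the
// build script and are covered by dependency verification when the project
// enables it, instead of living as opaque binaries in the Git history.
val recipeClasspath by configurations.creating {
    isCanBeConsumed = false
    isCanBeResolved = true
}

dependencies {
    // Constructed placeholder coordinate, not a real artifact.
    recipeClasspath("com.example:placeholder-lib:1.0.0")
}

// Stage the resolved jars under build/, which is normally git-ignored,
// rather than writing them into src/main/resources.
val stageRecipeJars by tasks.registering(Sync::class) {
    from(recipeClasspath)
    into(layout.buildDirectory.dir("generated/recipe-classpath"))
}

// Add the staged jars to the resource set. Passing the task provider to from()
// uses the task's output directory and makes processResources depend on it.
tasks.named<ProcessResources>("processResources") {
    from(stageRecipeJars) {
        // Hypothetical location inside build/resources/main and the final jar.
        into("META-INF/example/classpath")
    }
}
```

With this wiring the jars appear under build/resources/main and in the packaged jar, while the source tree and repository contain only the dependency declarations.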