Heap Overflow in case of a large dependency tree #21

@prathamgahlout

Description

Reproduction
Have a fairly big project to scan. Or just change the commons-compress dependency to v1.26.0 in this repo and scan this repo using
java -jar phsyberdome-sca-cli-1.0.3-beta scan -src <path-to-clone>

commons-compress v1.26.0 has a big dependency tree in itself. The scan would run for quite a while and then crash because of a Heap Overflow Error.

Solution
Stop creating the dependency tree in-memory and keep writing it to disk at regular intervals.
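
One way to realise the fix proposed above, as an added example that is not code from phsyberdome-sca-cli: walk the dependency graph with an explicit stack, write each edge to disk as it is visited, and keep only the set of already-expanded coordinates in memory. The class name, the tab-separated output format and the sample graph (including the children listed under commons-compress) are assumptions constructed for illustration.

```java
import java.io.BufferedWriter;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.util.ArrayDeque;
import java.util.Deque;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;

public class StreamingDependencyWalk {
    // Constructed sample graph, not the real commons-compress tree. A real
    // scanner would resolve children lazily from package metadata instead.
    static final Map<String, List<String>> SAMPLE = Map.of(
        "app:1.0", List.of("commons-compress:1.26.0", "lib-a:2.0"),
        "commons-compress:1.26.0", List.of("child-x:1.0", "child-y:1.0"),
        "lib-a:2.0", List.of("child-x:1.0", "app:1.0"), // shared node and a cycle
        "child-x:1.0", List.of(),
        "child-y:1.0", List.of());

    record Edge(String parent, String child, int depth) {}

    /** Writes one "depth, parent, child" line per edge and returns the edge count. */
    static long walk(String root, Map<String, List<String>> graph, Path out, int flushEvery)
            throws IOException {
        Deque<Edge> pending = new ArrayDeque<>(); // explicit stack, no recursion
        Set<String> expanded = new HashSet<>();   // coordinates only, never subtrees
        pending.push(new Edge("", root, 0));
        long written = 0;
        try (BufferedWriter w = Files.newBufferedWriter(out)) {
            while (!pending.isEmpty()) {
                Edge e = pending.pop();
                w.write(e.depth() + "\t" + e.parent() + "\t" + e.child());
                w.newLine();
                if (++written % flushEvery == 0) w.flush(); // write to disk at regular intervals
                // Expand each coordinate once so shared subtrees and cycles are not re-walked.
                if (!expanded.add(e.child())) continue;
                for (String c : graph.getOrDefault(e.child(), List.of())) {
                    pending.push(new Edge(e.child(), c, e.depth() + 1));
                }
            }
        }
        return written;
    }

    public static void main(String[] args) throws IOException {
        Path out = Files.createTempFile("dep-tree", ".tsv");
        System.out.println(walk("app:1.0", SAMPLE, out, 1000) + " edges written to " + out);
    }
}
```

Heap use is then bounded by the number of distinct coordinates plus the pending stack rather than by the size of the fully expanded tree, and a report can be rebuilt afterwards by reading the file back line by line.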

Labels

bug, enhancement
