Generate SBOM

[martincostello]

Generate a Software Bill of Materials during the build and attest it.

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 94.28%. Comparing base (a5e1276) to head (74a9853).
Report is 1 commits behind head on master.

✅ All tests successful. No failed tests found.

Additional details and impacted files

@@           Coverage Diff           @@
##           master    #3468   +/-   ##
=======================================
  Coverage   94.28%   94.28%           
=======================================
  Files         109      109           
  Lines        3728     3728           
  Branches      707      707           
=======================================
  Hits         3515     3515           
  Misses        213      213           

Flag	Coverage Δ
Linux	94.28% <ø> (ø)
Windows	94.28% <ø> (ø)
macOS	94.28% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[Copilot]

Pull Request Overview

This PR introduces an automated SBOM generation step during the build process and updates the attestation step for artifact verification.

• Added a "Generate SBOM" step using anchore/sbom-action for Windows runners.
• Adjusted the subject-path in the "Attest artifacts" step to include the newly generated SBOM and additional artifact paths.