chore(ci): add GitHub environment for OIDC token protection (#13538)

Per OSPO recommendation, reference the "npmjs:@ui5/webcomponents"
GitHub environment in all publish jobs to protect the OIDC token
used for npm trusted publishing.

Author: ilhan007

.github/workflows/release.yaml

@@ -29,6 +29,7 @@ jobs:
   # ✅ Job 1: Stable Release Flow
   stable-release:
     if: ${{ github.event.inputs.release_type == 'stable' }}
+    environment: "npmjs:@ui5/webcomponents"
     permissions:
       contents: write
       id-token: write
@@ -135,6 +136,7 @@ jobs:
   # ✅ Job 2: RC Release Flow
   rc-release:
     if: ${{ github.event.inputs.release_type == 'rc' || github.event_name == 'schedule' }}
+    environment: "npmjs:@ui5/webcomponents"
     permissions:
       contents: write
       id-token: write
@@ -228,6 +230,7 @@ jobs:
   # ✅ Job 3: Hotfix Release Flow
   hotfix-release:
     if: ${{ github.event.inputs.release_type == 'hotfix' && github.event.inputs.new_version != '' }}
+    environment: "npmjs:@ui5/webcomponents"
     permissions:
       contents: write
       id-token: write
@@ -298,6 +301,7 @@ jobs:
   # ✅ Job 4: Experimental Release Flow
   experimental-release:
     if: ${{ github.event.inputs.release_type == 'experimental' }}
+    environment: "npmjs:@ui5/webcomponents"
     permissions:
       contents: write
       id-token: write
@@ -344,6 +348,7 @@ jobs:
   # ✅ Job 5: V1 Release Flow
   v1-release:
     if: ${{ github.event.inputs.release_type == 'v1' && github.event.inputs.new_version != '' }}
+    environment: "npmjs:@ui5/webcomponents"
     permissions:
       contents: write
       id-token: write