Add artifact attestation for build provenance

[dorssel]

No description provided.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 100.00%. Comparing base (28645ea) to head (7fedcd4).
⚠️ Report is 2 commits behind head on main.
✅ All tests successful. No failed tests found.

Additional details and impacted files

@@            Coverage Diff            @@
##              main      #157   +/-   ##
=========================================
  Coverage   100.00%   100.00%           
=========================================
  Files            4         4           
  Lines           81        81           
  Branches        14        14           
=========================================
  Hits            81        81           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[github-actions]

✅MegaLinter analysis: Success

Descriptor	Linter	Files	Fixed	Errors	Warnings	Elapsed time
✅ ACTION	actionlint	4		0	0	0.05s
✅ EDITORCONFIG	editorconfig-checker	50		0	0	0.07s
✅ JSON	jsonlint	3		0	0	0.21s
✅ JSON	prettier	3		0	0	0.44s
✅ JSON	v8r	3		0	0	3.2s
✅ MARKDOWN	markdownlint	1		0	0	0.68s
✅ MARKDOWN	markdown-table-formatter	1		0	0	0.25s
✅ REPOSITORY	checkov	yes		no	no	18.77s
✅ REPOSITORY	gitleaks	yes		no	no	0.24s
✅ REPOSITORY	git_diff	yes		no	no	0.01s
✅ REPOSITORY	grype	yes		no	no	35.75s
✅ REPOSITORY	secretlint	yes		no	no	1.06s
✅ REPOSITORY	syft	yes		no	no	1.99s
✅ REPOSITORY	trivy-sbom	yes		no	no	0.51s
✅ REPOSITORY	trufflehog	yes		no	no	4.71s
✅ XML	xmllint	5		0	0	0.3s
✅ YAML	prettier	9		0	0	0.52s
✅ YAML	v8r	9		0	0	8.34s
✅ YAML	yamllint	9		0	0	0.46s

See detailed reports in MegaLinter artifacts

You could have the same capabilities but better runtime performances if you use a MegaLinter flavor:

• oxsecurity/megalinter/flavors/documentation@v9.3.0 (51 linters)
• oxsecurity/megalinter/flavors/ruby@v9.3.0 (52 linters)
• oxsecurity/megalinter/flavors/rust@v9.3.0 (52 linters)

Your project could benefit from a custom flavor, which would allow you to run only the linters you need, and thus improve runtime performances. (Skip this info by defining FLAVOR_SUGGESTIONS: false)

• Documentation: Custom Flavors
• Command: npx mega-linter-runner@9.3.0 --custom-flavor-setup --custom-flavor-linters ACTION_ACTIONLINT,EDITORCONFIG_EDITORCONFIG_CHECKER,JSON_JSONLINT,JSON_V8R,JSON_PRETTIER,MARKDOWN_MARKDOWNLINT,MARKDOWN_MARKDOWN_TABLE_FORMATTER,REPOSITORY_CHECKOV,REPOSITORY_GIT_DIFF,REPOSITORY_GITLEAKS,REPOSITORY_GRYPE,REPOSITORY_SECRETLINT,REPOSITORY_SYFT,REPOSITORY_TRIVY_SBOM,REPOSITORY_TRUFFLEHOG,XML_XMLLINT,YAML_PRETTIER,YAML_YAMLLINT,YAML_V8R