fix: generate sboms and trim crate extras

[behrangsa]

Summary

• call cargo cyclonedx with --override-filename so the workflow produces non-empty sbom.json/sbom.xml
• expand package.exclude to drop dot-asset, Nix, lint, and temp files from the published crate

Testing

• cargo fmt --check
• cargo clippy --all-targets --all-features
• cargo test -- --test-threads=1
• cargo cyclonedx --format json --spec-version 1.5 --override-filename sbom
• cargo cyclonedx --format xml --spec-version 1.5 --override-filename sbom

[Copilot]

Pull Request Overview

This PR fixes SBOM generation in CI/CD workflows and improves the crate packaging by excluding unnecessary files from publication.

• Fixes SBOM generation by using --override-filename flag instead of shell redirection
• Expands package exclusions to remove development and temporary files from published crate

Reviewed Changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.

File	Description
Cargo.toml	Adds additional file patterns to exclude from published crate package
.github/workflows/release.yml	Updates SBOM generation commands to use proper filename override flag

---

_{Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.}

[github-actions]

📊 Coverage Report

Metric	Covered	Total	Rate
Lines	131	146	89.73%
Branches	0	0	N/A

Additional Metric	Value
Complexity	0
Files Reported	1
Report Timestamp	2025-09-24T22:40:57.000Z

View detailed report

src/main.rs: 89.7%

---

Generated by cargo-tarpaulin