Add CycloneDX SBOM

[devin-ai-integration]

Add CycloneDX SBOM

Summary

Adds a CycloneDX SBOM (sbom.json) to the repository root, generated using @cyclonedx/cdxgen v12.1.2 with spec version 1.5.

This repository is docs-only (contains only a README.md), so the SBOM contains 0 components with an empty components array. The SBOM still includes valid CycloneDX metadata (tool info, timestamp, serial number).

Review & Testing Checklist for Human

• Verify the empty components list is acceptable for your compliance/tooling requirements, given this is a docs-only repo
• Consider whether the SBOM should be pretty-printed for easier future diffing (currently single-line JSON)

Notes

• Tool used: @cyclonedx/cdxgen v12.1.2
• Components found: 0 (docs-only repository with no dependency manifests)
• Generated with: cdxgen -o sbom.json --spec-version 1.5

Link to Devin Session: https://app.devin.ai/sessions/d88eddfe545d4fa4922a3dd174bddceb
Requested by: @Cakasim

[devin-ai-integration]

🤖 Devin AI Engineer

I'll be helping with this pull request! Here's what you should know:

✅ I will automatically:

• Address comments on this PR. Add '(aside)' to your comment to have me ignore it.
• Look at CI failures and help fix them

Note: I can only respond to comments from users who have write access to this repository.

⚙️ Control Options:

• Disable automatic comment and CI monitoring