As a Maintainer I want to provide a list of dependencies that are in use, so that everyone can see what the application is built from.

Acceptance Criterias

• SBOM is generated automatically
• Dependabot pull requests should automatically update SBOM
• SBOM is persisted in the repository root

Developer Infos

• We can use CycloneDx here
• We can use GitHub Actions for this