Add provenance signature to @lwc packages

[AllanOricil]

Other important packages published to npm, like vue, started adding this npm feature called "provenance" in their published packages.

https://docs.npmjs.com/generating-provenance-statements

Vue
https://www.npmjs.com/package/vue#provenance

https://blog.deps.dev/npm-provenance/

It improves trust because developers can now for sure the source that was used for building that published package.

I took a look at your workflows and couldn't find a release workflow. If you are not releasing it in github or gitlab, you can't use this feature, according to npm docs.

[wjhsf]

We currently use an internal tool for publishing releases. It does not support provenance. We may be migrating to a new tool at some point in the coming months. I don't know whether the new tool will have the ability, but we will use it if available.