[codex] Release sbom-diff-and-risk v0.5.1

[stacknil]

Summary

Release-only maintenance patch for sbom-diff-and-risk v0.5.1.

This PR exists to create a taggable release that exercises the newly merged checksum-manifest release path. It bumps the package/version metadata to 0.5.1, updates SARIF sample tool metadata, refreshes the README top release narrative, and adds short v0.5.1 release notes.

Release Notes

## sbom-diff-and-risk v0.5.1

Release-only maintenance update.

- Adds `sbom-diff-and-risk-SHA256SUMS.txt` to GitHub Release assets.
- Keeps CLI behavior unchanged.
- Keeps production PyPI deferred.

Validation

Local validation completed:

python -m build
python -m twine check dist\*.whl dist\*.tar.gz
python -m pytest
git diff --check

Additional checks:

• package metadata is 0.5.1
• src/sbom_diff_risk/__init__.py is 0.5.1
• SARIF sample tool metadata is 0.5.1
• no CLI behavior changed
• no workflow changes in this release-only patch
• no production PyPI workflow exists
• TestPyPI workflow still defaults to no-publish

Out of Scope

• No analyzer changes
• No policy changes
• No SARIF logic changes beyond sample metadata version
• No production PyPI publishing
• No TestPyPI upload

[chatgpt-codex-connector]

You have reached your Codex usage limits for code reviews. You can see your limits in the Codex usage dashboard.