feat: enable npm provenance on published packages

[BethGriggs]

Hey, I just made a Pull Request!

Opened this to attempt to enable provenance so that we can get references back to the commit and GitHub actions flow that published the package.

I am unsure if this will just work as we're publishing via yarn workspaces foreach <command>.

Note: At this time, yarn is not a supported tool for publishing your packages with provenance.

I'll try and test locally and confirm.

:heavy_check_mark: Checklist

• [ ] A changeset describing the change and affected packages. (more info)
• [ ] Tests for new functionality and regression tests for bug fixes
• [ ] Screenshots attached (for UI changes)
• [ ] All your commits have a Signed-off-by line in the message. (more info)