Generate attribution report

[dylmye]

Overview

This PR adds the option for users to generate and retrieve an attribution report after they have run analyze.

The inspiration and use case for this feature is from personal needs. I have an app that uses FOSSA, and I want to include the attribution report in the app bundle as part of the release process. Automating the report generation as part of the release process would save time and ensure it's correct for each release version.

I reached out to Kevin after he reached out to us users earlier this month and he pointed me to this repo. Thank you for everything you all do!! Fossa is a really fantastic and beneficial part of the FOSS ecosystem. <3

There's some limitations and questions I have regarding this PR:

• Only supports the attribution report - no SBOM
• No timeout argument provided - should there be a sensible default?
• Is report generation appropriate to be in the scope of your action? Or just something I should fork instead? I'm aware of the message on your README but thought there would be some benefit to users in adding this.
• Is the format of the input okay? I thought it would be tidier than making two (like generate-report boolean and report-format input)
• There's no action-side validation of the report format, the aim of this was to reduce maintenance burden

The only other change I made was typing the listeners object passed to the exec function.

Checklist

• If I changed code, I ran yarn build and committed resulting changes.
• I added an example exercising this PRs functionality to .github/workflows/test.yml or explained why it doesn't make sense to do so.