CMake: Don't use root attribution file for system libraries

A project's root qt_attribution.json file might be picked up by the
build system when recording system libraries for SBOM processing.
One such case is qtgrpc.

This caused generation errors in qtgrpc with the following message:

CMake Error: Files to be generated by multiple different commands:
 qt_sbom/SPDXRef-Package-qtgrpc-qt-3rdparty-sources-WrapProtobuf.cmake

This started happening since the SBOM options are now implicitly
propagated to auto-created attribution targets, and each attribution
target attempted to generate to the same partial sbom file.

Any qt attribution file in the project root is not intended to be
used for system libraries, so explicitly disable using the
root attribution file for all system libraries.

As a more long-term fix, we should consider making the partial sbom
files be more unique.

Amends 5daabb5

Pick-to: 6.8
Task-number: QTBUG-122899
Change-Id: I67544c299e630597f26602d270cd1dfd54cccfb6
Reviewed-by:  Alexey Edelev <alexey.edelev@qt.io>

Author: alcroito

cmake/QtPublicSbomHelpers.cmake

@@ -1654,6 +1654,12 @@ function(_qt_internal_sbom_add_recorded_system_libraries)
             continue()
         endif()
 
+        # Automatic system library sbom recording happens at project root source dir scope, which
+        # means it might accidentally pick up a qt_attribution.json file from the project root,
+        # that is not intended to be use for system libraries.
+        # For now, explicitly disable using the root attribution file.
+        list(APPEND args NO_CURRENT_DIR_ATTRIBUTION)
+
         list(APPEND generated_package_names "${package_name}")
         set(sbom_generated_${package_name} TRUE)