Description
In #5641, bumping github.com/package-url/packageurl-go from v0.1.1 to v0.1.3 changes how digest qualifiers are serialized in PURLs used by provenance/attestation output:
- Previous: pkg:docker/busybox?digest=sha256:...&platform=linux%2Famd64
- New: pkg:docker/busybox?digest=sha256%3A...&platform=linux%2Famd64
BuildKit emits these PURLs in provenance-facing data such as resolved dependencies via util/purl.RefToPURL:
buildkit/solver/llbsolver/provenance/predicate.go, lines 24 to 28 in 78fc6dd:

```go
if s.Local {
	uri, err = purl.RefToPURL(packageurl.TypeOCI, s.Ref, s.Platform)
} else {
	uri, err = purl.RefToPURL(packageurl.TypeDocker, s.Ref, s.Platform)
}
```
And in-toto attestation default subjects:
buildkit/exporter/containerimage/writer.go, line 302 in 78fc6dd:

```go
pl, err := purl.RefToPURL(packageurl.TypeDocker, name, &p.Platform)
```
Even if %3A and : are semantically equivalent after decoding, this is a canonical string change in provenance payloads and can impact policy engines or custom checks that match URI strings or downstream tooling expecting existing URI formatting.
Upstream discussion that motivated this: package-url/packageurl-go#54. Also, the current PURL standard text says that : shall not be percent-encoded in component content: https://github.com/package-url/purl-spec/blob/main/docs/standard/specification.md
So we currently have a practical interoperability/canonicalization choice to make in BuildKit.
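As an added example (not BuildKit's or packageurl-go's own code), a comparison key that lets a policy check treat both serializations as the same PURL, built with only net/url rather than a PURL library; the two sample PURLs and their digest are constructed placeholders:

```go
package main

import (
	"errors"
	"fmt"
	"net/url"
	"sort"
	"strings"
)

// Constructed sample PURLs in the two serializations from the issue
// (placeholder digest, not a real image digest).
const (
	purlOld = "pkg:docker/busybox?digest=sha256:0123abcd&platform=linux%2Famd64"
	purlNew = "pkg:docker/busybox?digest=sha256%3A0123abcd&platform=linux%2Famd64"
)

// purlCompareKey keeps the type/namespace/name part as-is and re-emits the
// qualifiers sorted by name with percent-decoded values, so that
// "sha256:..." and "sha256%3A..." collapse to one string.
func purlCompareKey(s string) (string, error) {
	u, err := url.Parse(s)
	if err != nil {
		return "", err
	}
	if u.Scheme != "pkg" || u.Opaque == "" {
		return "", fmt.Errorf("not a purl: %q", s)
	}
	q := u.Query() // decodes %3A -> ":" and %2F -> "/"
	keys := make([]string, 0, len(q))
	for k := range q {
		keys = append(keys, k)
	}
	sort.Strings(keys)
	parts := make([]string, 0, len(keys))
	for _, k := range keys {
		parts = append(parts, k+"="+q.Get(k))
	}
	return "pkg:" + u.Opaque + "?" + strings.Join(parts, "&"), nil
}

// samePURL is the comparison a policy check should use instead of raw
// string equality on provenance/attestation PURLs.
func samePURL(a, b string) (bool, error) {
	ka, errA := purlCompareKey(a)
	kb, errB := purlCompareKey(b)
	if err := errors.Join(errA, errB); err != nil {
		return false, err
	}
	return ka == kb, nil
}
```

A raw string comparison of purlOld and purlNew fails, while samePURL reports them equal.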