mbeddr/mbeddr.core

Add an SPDX-compliant license, organization and scm information to the pom created for published mbeddr artifacts

Closed this issue · 0 comments

When checking for license policy constraints, the missing license information in the pom requires manual adjustment to the checking.

The pom.xml reference describes the license aspect and recommends using the SPDX identifiers.

The SPDX catalog states the identifier EPL-1.0 for the Eclipse Public License V 1.0.

Add a license notice to the pom by creating the appropriate tags in the pom.xml:

<project ...
...
  <licenses>
    <license>
      <name>EPL-1.0</name>
      <url>https://www.eclipse.org/legal/epl-v10.html</url>
      <distribution>repo</distribution>
      <comments>Eclipse Public License - v 1.0</comments>
    </license>
  </licenses>
...
</project>

Additionally, the Eclipse Public License V 1.0 requires the copyright notice. For this, it could be enough to add the organization tag to the pom.xml:

  <organization>
    <name>itemis AG</name>
    <url>https://www.itemis.com</url>
  </organization>

Additionally, the Eclipse Public License V 1.0 also requires the sources to be disclosed.
To accomplish this requirement, provide the scm tag in the pom.xml. The tag is the commit hash just being built.

...
  <scm>
    <tag>${commithash}</tag>
    <url>https://github.com/mbeddr/mbeddr.core.git</url>
  </scm>
...

For the graphviz artifact, the license type is Eclipse Public License Version 1.0 with the identifier EPL-1.0, and the scm repository is https://gitlab.com/graphviz/graphviz
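
A license-policy check that the elements proposed above would satisfy, as an added example that is not part of the original issue or the mbeddr build: it parses a pom and reports a missing or non-SPDX license name, a missing organization or scm URL, and an scm tag that is still an unresolved placeholder. The allowlist, the function name `check_pom` and both sample poms (including the commit hash) are constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET

ALLOWED_SPDX = {"EPL-1.0"}  # assumed policy allowlist; EPL-1.0 is from the issue

def check_pom(pom_xml):
    """Return a list of policy findings; an empty list means the pom passes."""
    # For poms from untrusted sources, parse with defusedxml instead.
    root = ET.fromstring(pom_xml)
    # Published poms usually carry the Maven namespace; snippets often do not.
    ns = root.tag[: root.tag.index("}") + 1] if root.tag.startswith("{") else ""
    def q(path):
        return "/".join(ns + part for part in path.split("/"))
    def text(path):
        return (root.findtext(q(path)) or "").strip()
    findings = []
    names = [(n.text or "").strip() for n in root.findall(q("licenses/license/name"))]
    if not names:
        findings.append("no <licenses><license><name> element")
    for name in names:
        if name not in ALLOWED_SPDX:
            findings.append("license %r is not an allowed SPDX identifier" % name)
    if not text("organization/name"):
        findings.append("no <organization><name> for the copyright holder")
    if not text("scm/url"):
        findings.append("no <scm><url> pointing at the sources")
    tag = text("scm/tag")
    if not re.fullmatch(r"[0-9a-f]{7,40}", tag):
        findings.append("scm tag %r is not a resolved commit hash" % tag)
    return findings

# Constructed sample: all three elements present, hash is a made-up value.
GOOD_POM = """<project xmlns="http://maven.apache.org/POM/4.0.0">
  <licenses><license><name>EPL-1.0</name></license></licenses>
  <organization><name>itemis AG</name></organization>
  <scm><tag>0123456789abcdef0123456789abcdef01234567</tag>
    <url>https://github.com/mbeddr/mbeddr.core.git</url></scm>
</project>"""

# Constructed sample: free-text license name, no organization, unfiltered tag.
BAD_POM = """<project>
  <licenses><license><name>Eclipse Public License - v 1.0</name></license></licenses>
  <scm><tag>${commithash}</tag>
    <url>https://github.com/mbeddr/mbeddr.core.git</url></scm>
</project>"""

if __name__ == "__main__":
    for label, pom in (("good", GOOD_POM), ("bad", BAD_POM)):
        print(label, check_pom(pom))
```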