Enable deterministic builds for reproducible NuGet packages

Add deterministic build properties to Scrutor.csproj:
- Deterministic=true: Ensures compiler generates byte-for-byte identical
  outputs for the same inputs
- ContinuousIntegrationBuild=true (when CI=true): Normalizes file paths
  and timestamps in PDB files for reproducible builds

Add CI=true to GitHub Actions workflow to explicitly enable
ContinuousIntegrationBuild in CI environments.

These settings ensure that building the same source code multiple times
will produce identical NuGet packages, which is important for:
- Security (verifying package contents match source)
- Build reproducibility
- Package verification and attestation

Author: claude

.github/workflows/build.yml

@@ -8,6 +8,7 @@ jobs:
         if: "!contains(github.event.head_commit.message, '[skip ci]')"
 
         env:
+            CI: true
             DOTNET_SKIP_FIRST_TIME_EXPERIENCE: 1
             DOTNET_CLI_TELEMETRY_OPTOUT: 1
             DOTNET_NOLOGO: true

src/Scrutor/Scrutor.csproj

@@ -25,6 +25,9 @@
     <SymbolPackageFormat>snupkg</SymbolPackageFormat>
     <!-- Only increase this value in case of incompatible API changes. -->
     <AssemblyVersion>6.0.0.0</AssemblyVersion>
+    <!-- Deterministic builds -->
+    <Deterministic>true</Deterministic>
+    <ContinuousIntegrationBuild Condition="'$(CI)' == 'true'">true</ContinuousIntegrationBuild>
   </PropertyGroup>
 
   <ItemGroup>