js · @hulumi/policies · Critical
@hulumi/policies: AWS IAM trust policy multi-provider detection fix
What changed
AWS IAM trust policies listing multiple federated identity providers (e.g., GitHub Actions OIDC and Google OIDC) were not correctly recognized by the G_OIDC_1 and G_OIDC_2 policy rules. The providers list was coerced into a single comma-joined string, so the matcher no longer saw the GitHub OIDC provider ARN and skipped the statement. As a result, wildcard `sub` conditions on such roles passed undetected.
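The following is an added illustration, not code from @hulumi/policies: it reproduces the coercion defect described above (a `String()` of the provider array yields a comma-joined value that no longer matches the GitHub provider) beside an array-aware matcher, and runs both over a constructed trust policy with two federated providers and a `sub` that matches any repository in an organization. The function names, the placeholder account id and the definition of "wildcard sub" (a bare `*`, or a `*` inside the `repo:<owner>/<name>` segment) are assumptions for this example, not the package's rule implementation.

```javascript
// Added illustration (not code from @hulumi/policies): why coercing
// Principal.Federated to a string hides a GitHub OIDC provider, and an
// array-aware check that still flags a wildcard "sub" condition.

const GITHUB_OIDC_HOST = 'token.actions.githubusercontent.com';
const GITHUB_SUB_KEY = GITHUB_OIDC_HOST + ':sub';

// IAM allows a single string or an array in Principal.Federated, in
// Statement, and in condition values; normalize everything to an array.
function asArray(value) {
  if (value === undefined || value === null) return [];
  return Array.isArray(value) ? value : [value];
}

// Buggy matcher, reproducing the defect the advisory describes: String()
// turns ['arn...github', 'arn...google'] into a comma-joined string, which
// no longer ends with the GitHub provider host, so the statement is skipped.
function buggyIsGithubFederated(federated) {
  return String(federated).endsWith('/' + GITHUB_OIDC_HOST);
}

// Fixed matcher: inspect every provider ARN in the list.
function isGithubFederated(federated) {
  return asArray(federated).some((arn) => String(arn).endsWith('/' + GITHUB_OIDC_HOST));
}

// Assumed definition of "wildcard sub": a bare '*', or a '*' inside the
// repo:<owner>/<name> segment (any repo in an org, or any org, matches).
function isWildcardSub(value) {
  if (value === '*') return true;
  const m = /^repo:([^:]*)/.exec(value);
  return m ? m[1].includes('*') : value.includes('*');
}

// Collect the GitHub "sub" values from a statement's Condition block,
// regardless of operator (StringEquals, StringLike, ForAnyValue:..., ...).
// Condition keys are case-insensitive in IAM, hence the lowercase compare.
function githubSubValues(condition) {
  const values = [];
  for (const operator of Object.values(condition || {})) {
    for (const [key, v] of Object.entries(operator || {})) {
      if (key.toLowerCase() === GITHUB_SUB_KEY) values.push(...asArray(v));
    }
  }
  return values;
}

// Return one finding per Allow statement that trusts the GitHub OIDC
// provider (as judged by `matcher`) without a tightly scoped sub claim.
function findWildcardSubStatements(policy, matcher) {
  const findings = [];
  asArray(policy.Statement).forEach((st, index) => {
    if (st.Effect !== 'Allow') return;
    const federated = st.Principal && st.Principal.Federated;
    if (!matcher(federated)) return;
    const subs = githubSubValues(st.Condition);
    if (subs.length === 0 || subs.some(isWildcardSub)) {
      findings.push({ statement: index, sub: subs });
    }
  });
  return findings;
}

// Constructed trust policy (placeholder account id): GitHub and Google
// providers in one statement, with the sub condition supplied by the caller.
function multiProviderPolicy(sub) {
  return {
    Version: '2012-10-17',
    Statement: [{
      Effect: 'Allow',
      Principal: {
        Federated: [
          'arn:aws:iam::111111111111:oidc-provider/' + GITHUB_OIDC_HOST,
          'arn:aws:iam::111111111111:oidc-provider/accounts.google.com',
        ],
      },
      Action: 'sts:AssumeRoleWithWebIdentity',
      Condition: { StringLike: { [GITHUB_SUB_KEY]: sub } },
    }],
  };
}

const broad = multiProviderPolicy('repo:example-org/*');
const missed = findWildcardSubStatements(broad, buggyIsGithubFederated);
const caught = findWildcardSubStatements(broad, isGithubFederated);
console.log('buggy matcher findings:', missed.length); // 0: the wildcard slips through
console.log('fixed matcher findings:', caught.length); // 1
```

With a single-string `Principal.Federated` both matchers agree, which is why the defect only surfaces on roles that trust more than one provider; the array-aware matcher also keeps a tightly scoped claim such as `repo:example-org/app:ref:refs/heads/main` out of the findings.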
Who it affects
Users of @hulumi/policies < 1.4.0 who use HulumiHardeningPack or HulumiGithubHardeningPack and have IAM roles with multiple federated identity providers in the trust policy.
What to do today
Upgrade to @hulumi/[email protected] immediately.