Software supply chain attacks are rising rapidly, and Software Bills of Materials (SBOMs) have emerged as an important mechanism for enhancing transparency and traceability in software ecosystems. Despite growing regulatory interest and tool support, SBOM adoption within open-source software (OSS) projects is still not well understood. This paper presents a large-scale empirical study of SBOM adoption across over 3,100 OSS repositories on GitHub. We identify and validate 261 SBOM-enabled projects and compare them against a representative sample of non-SBOM projects. We use technical, social, and organizational features from these repositories and apply bootstrapped logistic regression to reveal key adoption patterns. Our results show that project maturity and coordination mechanisms such as structured branching and active forking correlate more strongly with SBOM adoption than development activity or code complexity. We also perform a compliance audit of 287 SBOMs and find widespread gaps between SBOM availability and their readiness for security analysis. We conclude with implications for OSS maintainers, tool developers, security stakeholders, and researchers to guide effective SBOM use in practice.