Use Unix-style checksum files even on Windows

With `shasum` for Unix checksums, they look like:

    407860b1605577700750b92f464068fdaa65ff5ecb7fabcd5a9ba8dac7156149  gitoxide-max-pure-v0.38.0-alpha.2-DO-NOT-USE-x86_64-unknown-linux-musl.tar.gz

With `certutil` for Windows checksums, they looked like:

    SHA256 hash of gitoxide-max-pure-v0.38.0-alpha.2-DO-NOT-USE-x86_64-pc-windows-msvc.zip:
    870a157307d8674f981278afa2161973d65a4c6956fc2810cdc901886a41da12
    CertUtil: -hashfile command completed successfully.

Unlike `shasum`, the `certutil` command does not verify checksums,
it only generates them. As far as I know, there are no common tools
that require the format to be as `certutil` outputs it. In
contrast, tools commonly expect the format `shasum` outputs.

Furthermore, the Git Bash environment from Git for Windows includes
`shasum`, which means it is present:

- On GitHub Actions runners for Windows (as for other platforms).
- On the computers of most Windows users in gitoxide's user base.

Even if someone does not have `shasum` or another tool that will
automatically verify checksums from this format, they would at
worst need to verify it manually, which I believe is typically
already the case when examining output from `certutil` in the above
format. Furthermore, we have not published checksums before, so for
gitoxide no one is relying on checksums being published that way.

.github/workflows/release.yml

@@ -208,7 +208,7 @@ jobs:
           file -- "$TARGET_DIR"/release/{ein,gix}.exe
           cp -- "$TARGET_DIR"/release/{ein,gix}.exe "$ARCHIVE/"
           7z a "$ARCHIVE.zip" "$ARCHIVE"
-          certutil -hashfile "$ARCHIVE.zip" SHA256 > "$ARCHIVE.zip.sha256"
+          shasum --algorithm=256 "$ARCHIVE.zip" > "$ARCHIVE.zip.sha256"
           echo "ASSET=$ARCHIVE.zip" >> "$GITHUB_ENV"
           echo "ASSET_SUM=$ARCHIVE.zip.sha256" >> "$GITHUB_ENV"