[Feature] Support SHA256 git checksums

[Qonfused]

May need to look into supporting Git's migration to SHA-256 for GitHub commit checksums; there's a couple of good overviews of the tradeoffs made on git's side to maintain compatibility with the SHA 1 family:

• https://stackoverflow.com/questions/60087759/git-is-moving-to-new-hashing-algorithm-sha-256-but-why-git-community-settled-on
• https://git-scm.com/docs/hash-function-transition/#_objective

It may however be more practical to instead use the file hash with SHA256 to ensure backwards compatibility. The easiest stand-in solution to support both use cases is to pull the tarball url and generate a SHA256 checksum of the compressed tarball archive (or the archive itself if a GitHub url resolves to one).