
Use GitHub attestations to check for signed releases

Open edgarrmondragon opened this issue 3 months ago • 2 comments

Is your feature request related to a problem? Please describe.

As seen in https://github.blog/2024-05-02-introducing-artifact-attestations-now-in-public-beta/.

Describe the solution you'd like

Check artifact signatures in a repo's https://github.com/<org>/<repo>/attestations URL.

Describe alternatives you've considered

Continue using the current Signed Releases check.

Additional context

edgarrmondragon, May 04 '24 02:05