
Force immediate downloading of artifacts with a checksum weaker than sha256

Open dralley opened this issue 2 years ago • 0 comments

We have to support syncing these repos (for now), but we don't have to support on-demand sync. As part of phasing these checksums out forever, we should remove deferred download support for them.

The justifications are as follows:

  • On-demand artifacts use whichever checksum they have as an identifier. If that checksum is a weak checksum with known propensity for collisions, then it is theoretically possible to end up with the wrong (more plausibly - a maliciously constructed) artifact being downloaded
  • It enables future moves like https://github.com/pulp/pulpcore/issues/4726

dralley · Nov 16 '23 05:11
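The policy the issue argues for, written out as an added example (this is not pulp_rpm's or pulpcore's own code): a sync planner that honours a requested `on_demand` policy only for packages whose metadata declares a sha256-or-stronger checksum, forces `immediate` download for everything else, and verifies fetched bytes against the declared digest. The policy strings, the `STRONG_DIGESTS` set and the sample package metadata are assumptions constructed for the example.

```python
"""Added example (not pulp_rpm's own code): enforce immediate download for
artifacts that are only identified by a checksum weaker than sha256.

Assumptions: the policy names "immediate" / "on_demand", the set of
"strong" digests and the sample package list are constructed here for
illustration and do not mirror pulp's real settings or models.
"""
import hashlib
import hmac

# Digests considered strong enough to serve as the identifier of an artifact
# that will only be fetched later. Anything else is treated as weak.
STRONG_DIGESTS = {"sha256", "sha384", "sha512"}

# Constructed sample of what a repo's primary.xml might declare per package:
# (package file name, checksum type, checksum hex)
SAMPLE_PACKAGES = [
    ("foo-1.0-1.noarch.rpm", "sha256", hashlib.sha256(b"foo").hexdigest()),
    ("legacy-0.9-1.noarch.rpm", "sha1", hashlib.sha1(b"legacy").hexdigest()),
    ("ancient-0.1-1.noarch.rpm", "md5", hashlib.md5(b"ancient").hexdigest()),
]


def is_strong_checksum(checksum_type: str) -> bool:
    """True when the declared digest may act as a deferred-download identifier."""
    return checksum_type.lower() in STRONG_DIGESTS


def effective_policy(requested_policy: str, checksum_type: str) -> str:
    """Return the download policy actually applied to one package.

    A weak checksum cannot safely identify an artifact that is fetched later,
    so a requested "on_demand" policy is overridden with "immediate" for such
    packages; packages with a strong checksum keep the requested policy.
    """
    if requested_policy not in {"immediate", "on_demand"}:
        raise ValueError(f"unknown policy {requested_policy!r}")
    if requested_policy == "on_demand" and not is_strong_checksum(checksum_type):
        return "immediate"
    return requested_policy


def plan_sync(packages, requested_policy: str) -> dict:
    """Map each package file name to the policy a sync run would apply."""
    return {
        name: effective_policy(requested_policy, ctype)
        for name, ctype, _digest in packages
    }


def verify_artifact(data: bytes, checksum_type: str, expected_hex: str) -> bool:
    """Check downloaded bytes against the digest the metadata declared.

    The comparison is constant-time; a mismatch means the bytes must be
    discarded rather than stored under that identifier.
    """
    actual = hashlib.new(checksum_type, data).hexdigest()
    return hmac.compare_digest(actual, expected_hex)


def strong_digest(data: bytes) -> str:
    """sha256 of bytes downloaded immediately, so that a weak-checksum
    artifact is identified by a strong digest from then on."""
    return hashlib.sha256(data).hexdigest()


if __name__ == "__main__":
    for name, policy in plan_sync(SAMPLE_PACKAGES, "on_demand").items():
        print(f"{name}: {policy}")
```

Run as a script it prints the per-package plan for a repo synced with `on_demand`: the sha256 package stays deferred, the sha1 and md5 packages are downloaded immediately, and `strong_digest` gives the sha256 under which those immediately fetched bytes would be tracked afterwards.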