[feature] add a `checksum` file to help updater validate the download content

[greenhat616]

FYI Github have removed the md5 signature header. Ref: https://github.com/orgs/community/discussions/23512#discussioncomment-10013377

So, we should upload a checksum file, .sha256 etc, to make the integrity of file checkable.

For example, we can do it in ci:

- name: Calc the archive signature
        shell: pwsh
        run: Get-FileHash nyanpasu-service-${{ matrix.profile.target }}.zip -Algorithm SHA256 | Format-List > nyanpasu-service-${{ matrix.profile.target }}.zip.sha256

 - name: Calc the archive signature
        run: sha256sum nyanpasu-service-${{ matrix.profile.target }}.tar.gz > nyanpasu-service-${{ matrix.profile.target }}.tar.gz.sha256

Ref: https://github.com/libnyanpasu/nyanpasu-service/blob/main/.github/workflows/build.yml

Maybe I can draft a pr to solve it later.

[Itsusinn]

There would be a sha256sum.txt , possibly. It looks like

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855  file1
a63d8014dba891345b30174df2b2a57efbb65b4f9f09b98f245d1b3192277ece  file3
hash filename

And I think，HTTPS already ensures the correctness of downloaded file，is it necessary to check sha256sum？