List SHA256 hashes in release build

[zooba]

Currently we list MD5 because that's what the website needed, but it can handle SHA256 now so we should use those instead. Change should be in ci/release.yml for Azure Pipelines.

(Bonus points if someone knows how to use the API to publish the release all the way and wants to script it... looking at @hugovk )

[hugovk]

python/pythondotorg#2830 is where we added support to the website API to receive SHA-256.

python/release-tools#310 is where we updated the release to send SHA-256 when uploading files to the website API.

So in addition to the existing md5_sum field, there's a new sha256 field.

If you send both, the website will only show SHA-256, but both are stored in the database. We'll likely stop sending MD5 soon for Python releases, and it'll just show those.