Update release verification commands to work with v0.2 release attestations #11993

@bdehamer

Currently, attestations for immutable releases use v0.1 of the in-toto release predicate spec. Soon, GitHub will start generating attestations using the v0.2 specification instead.

To ensure that we can handle both v0.1 and v0.2 attestations in `gh release verify` and `gh release verify-asset`, we'll want to update the GH API call which retrieves the attestations. Instead of asking specifically for the v0.1 release attestations (which is what we currently do), we'll want to use the "release" sentinel value to ask for ALL release attestations (regardless of version).
