Absolute path leaks into .sha256 files for release checksums

[jaymecd]

Release checksum *.sha256 files contain absolute path to the compiled binary, making verification a bit cumbersome after download:

$ cd ~/Downloads
$ sha256sum -c pact-plugin-cli-macos-aarch64.gz.sha256
sha256sum: /Users/runner/work/pact-plugins/pact-plugins/release_artifacts/pact-plugin-cli-macos-aarch64.gz: No such file or directory
/Users/runner/work/pact-plugins/pact-plugins/release_artifacts/pact-plugin-cli-macos-aarch64.gz: FAILED open or read
sha256sum: WARNING: 1 listed file could not be read

Origin .sha256 file:

af1505f0aff261fc98608473b529674d87ceaedb3c426a1e6ba53ad00e1e630b */Users/runner/work/pact-plugins/pact-plugins/release_artifacts/pact-plugin-cli-macos-aarch64.gz

After cleaning the path, it works as expected:

$ sha256sum -c pact-plugin-cli-macos-aarch64.gz.sha256
pact-plugin-cli-macos-aarch64.gz: OK

Expected .sha256 file content:

af1505f0aff261fc98608473b529674d87ceaedb3c426a1e6ba53ad00e1e630b pact-plugin-cli-macos-aarch64.gz

[YOU54F]

we will need to update the gzip script

https://github.com/pact-foundation/pact-plugins/blob/main/scripts/gzip-and-sum.sh

example in pact reference

https://github.com/pact-foundation/pact-reference/blob/master/rust/scripts/gzip-and-sum.sh