Modernize release pipeline for GitHub-native publishing

[lipkau]

Problem

Release automation is coupled to legacy pipeline behavior and uses credential handling patterns that do not align with modern GitHub Actions security and artifact flows.

Proposal

Implement a GitHub-native release workflow triggered by version tags that:

• reuses artifacts produced by successful CI
• publishes to PowerShell Gallery
• creates GitHub Releases (including changelog extraction)
• uses scoped secrets/tokens and least-privilege permissions

Acceptance criteria

• .github/workflows/release.yml exists and is tag-triggered (v*)
• Release workflow downloads artifacts from successful CI for the tagged commit
• Module publish to PSGallery is automated via repository secret
• GitHub Release is created with release notes and attached package
• Legacy credential-writing/global git-config behavior is removed from release automation