[ruby/rubygems] Use gem exec --conservative for sigstore-cli instead of pinning version

Hardcoding sigstore-cli:0.2.2 meant rubygems would need a new release
whenever sigstore-cli ships a new version. Using --conservative lets
gem exec prefer an already-installed version and falls back to the
latest when sigstore-cli is not yet installed.

ruby/rubygems@6ac00f34de

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

Author: 2 people

lib/rubygems/commands/push_command.rb

@@ -156,8 +156,8 @@ def attest!(name)
     env = defined?(Bundler.unbundled_env) ? Bundler.unbundled_env : ENV.to_h
     out, st = Open3.capture2e(
       env,
-      Gem.ruby, "-S", "gem", "exec",
-      "sigstore-cli:0.2.2", "sign", name, "--bundle", bundle,
+      Gem.ruby, "-S", "gem", "exec", "--conservative",
+      "sigstore-cli", "sign", name, "--bundle", bundle,
       unsetenv_others: true
     )
     raise Gem::Exception, "Failed to sign gem:\n\n#{out}" unless st.success?