Releasebot's GL interactions don't check TLS cert
lib/gitlab.py should be refactored.
- There is code that's not used
- For some reason it uses a form-style login when it could use an access token to check for assigned issues
- It never checks TLS certs, so MITM/admin access token sniffing would be a thing if releasebot runs on a machine other than GitLab.