dotnet / sign

Code Signing CLI tool supporting Authenticode, NuGet, VSIX, and ClickOnce
MIT License

Add support for excluding file(s) from signing #654

Closed marinbilba closed 4 months ago

marinbilba commented 4 months ago

Describe the solution you'd like

Addition of a new flag/option --exclude-files to the current CLI functionality. This flag would allow users to specify one or more files to be excluded from the signing process. Additionally, it should support globs.

For example, if you wish to sign all DLL files except those located in "thirdparty/":

sign code azure-key-vault "**/*.dll" --exclude-files **/thirdparty/*

Additional context

It seems that this kind of functionality was already discussed in this issue.

Version: 0.9.1-beta.23530.1

ianjmcm commented 4 months ago

With your example of wanting to exclude third-party binaries from signing, you should consider the best practice with any third-party binaries you are shipping in your app/package to be dual signed (using the append signature option) so as not to overwrite the existing signature and add a signature of your own. This will let all the consumers know these are the third-party binaries you intended to ship with your app/package.

clairernovotny commented 4 months ago

This is already supported by specifying file globs for inclusion, such as https://github.com/xunit/visualstudio.xunit/blob/main/config/filter.txt#L1.

You can also exclude with the ! operator.
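
A stand-alone model of the include plus `!`-exclude filtering described in the last comment, added here as an example; it is not code from dotnet/sign or from anyone in this thread. The glob semantics (`**` crosses directories, `*` and `?` do not), the function names and the sample paths are assumptions, so compare against the tool's own output before relying on a filter.

```python
import re

def glob_to_regex(pattern):
    """Assumed semantics: '**' crosses directories, '*' and '?' do not."""
    out, i = [], 0
    while i < len(pattern):
        if pattern.startswith("**/", i):
            out.append("(?:.*/)?")      # zero or more leading directories
            i += 3
        elif pattern.startswith("**", i):
            out.append(".*")
            i += 2
        elif pattern[i] == "*":
            out.append("[^/]*")
            i += 1
        elif pattern[i] == "?":
            out.append("[^/]")
            i += 1
        else:
            out.append(re.escape(pattern[i]))
            i += 1
    return re.compile("".join(out) + r"\Z")

def parse_filter(text):
    """Split filter lines into include and '!'-prefixed exclude matchers."""
    include, exclude = [], []
    for line in (l.strip() for l in text.splitlines()):
        if line.startswith("!"):
            exclude.append(glob_to_regex(line[1:]))
        elif line:
            include.append(glob_to_regex(line))
    return include, exclude

def files_to_sign(paths, filter_text):
    """Keep paths that match at least one include and no exclude pattern."""
    include, exclude = parse_filter(filter_text)
    return [p for p in paths
            if any(r.match(p) for r in include)
            and not any(r.match(p) for r in exclude)]

# Constructed sample data: a filter list and a build-output listing.
FILTER = "**/*.dll\n!**/thirdparty/*\n"
PATHS = ["bin/App.dll", "bin/App.Core.dll", "bin/thirdparty/Vendor.dll",
         "thirdparty/Other.dll", "bin/thirdparty/sub/Deep.dll", "bin/readme.txt"]

if __name__ == "__main__":
    for path in files_to_sign(PATHS, FILTER):
        print(path)
```

Under these assumed semantics `bin/thirdparty/sub/Deep.dll` is still selected, because `*` stops at a directory separator; `!**/thirdparty/**` excludes the whole subtree.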