SignAllFiles should sign project.Binaries, not just project.AllFiles

[fredemmott]

Previous versions of one of my applications were deployed via MSIX; I've switched to MSI because of limitations, and I have a small C++ helper to remove the MSIX versions that I'm invoking with a BinaryFileAction.

It would be good for SignAllFiles to sign this as well.

If not sent a PR as it's unclear to me if this should go into ProjectFileSigner.SignAllFiles, or in Compiler.ProcessBinaries, given the note that ProcessBinaries must be last give n that other Process* may introduce additional binaries.

[oleg-shilo]

Great, please do the PR.

ProjectFileSigner.SignAllFiles seems to be a better fit.

While you are absolutely right, Compiler.Process* can introduce additional signable artifacts (and not only binaries), it is a constraint that is already in there thus you are not introducing any new limitation by placing this functionality into ProjectFileSigner.SignAllFiles.

Don't forget the classical lousy justification "it has never been a problem so far".

But on a serious note, the system has never been designed to be bulletproof from this angle but flexible enough to allow alternative build flow project.BuildCmd() > do-whatever-you-want > execute-cmd

[oleg-shilo]

Done. Please update to v2.4.4