PR Summary

Remove unneeded Invoke-Expression on unvalidated input

PR Context

Reviewing the script for security issue that might prevent signing as requested in #8814

I didn't validate that this could actually be exploited but I ran this.

$tp=join-path "./;Write-Host 'pwnd';" -ChildPath 'child'
Invoke-Expression -command "ls $tp"

With this output

CHANGELOG.md Dockerfile Library bin manpages
CODE_OF_CONDUCT.md Dockerfile.test.yml README.md completions
CONTRIBUTING.md LICENSE.txt azure-pipelines.yml docs
pwnd
/child : The term '/child' is not recognized as the name of a cmdlet, function, script file, or operable program.
Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
At line:1 char:25
+ ls ./;Write-Host 'pwnd';/child
+ ~~~~~~
+ CategoryInfo : ObjectNotFound: (/child:String) [], CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException

While the equivalent new syntax:

&ls $tp

results in:

ls: ./;Write-Host 'pwnd';/child: No such file or directory

PR Checklist

• PR has a meaningful title
  • Use the present tense and imperative mood when describing your changes
• Summarized changes
• Change is not breaking
• Make sure all .h, .cpp, .cs, .ps1 and .psm1 files have the correct copyright header
• This PR is ready to merge and is not Work in Progress.
  • If the PR is work in progress, please add the prefix WIP: or [ WIP ] to the beginning of the title (the WIP bot will keep its status check at Pending while the prefix is present) and remove the prefix when the PR is ready.
• User-facing changes
  • Not Applicable
  • OR
  • Documentation needed
    • Issue filed:
• Testing - New and feature
  • N/A or can only be tested interactively
  • OR
  • Make sure you've added a new test if existing tests do not effectively test the code changed
    • Add [feature] to your commit messages if the change is significant or affects feature tests