Don't add defender exclusion by default

[jyoung15]

Reopening issue reported in oclif/dev-cli#433, in regards to the following section:

oclif/src/commands/pack/win.ts

Lines 85 to 87 in 31a19ca

	Section "Add %LOCALAPPDATA%\\${config.dirname} to Windows Defender exclusions (highly recommended for performance!)"
	ExecShell "" '"$0"' "/C powershell -ExecutionPolicy Bypass -Command $\\"& {Add-MpPreference -ExclusionPath $\\"$LOCALAPPDATA\\${config.dirname}$\\"}$\\" -FFFeatureOff" SW_HIDE
	SectionEnd

Some EDR platforms (for example Crowdstrike) will block execution when an application automatically adds an exclusion to Defender. As stated in the original issue these exclusions can open the system to new attack vectors, and this should be disabled by default.

[cristiand391]

someone commented this for the Salesforce CLI (oclif CLI):
forcedotcom/cli#2298 (comment)

have you tried if that works?

[jyoung15]

Thank you @cristiand391. Sorry, I did not realize this issue was already discussed for Salesforce CLI. In my case it was for boxcli. I just tested unchecking that option and it resolved the issue. Closing this issue.

[cristiand391]

Reopened to track this as a feature request:
For CLI devs that generates Windows installer, would you be interested in something like oclif pack win --no-defender-exclusion? This could either completely remove the option from the installer or mark it as unchecked by default.

let us know if you have any opinion on this :)

[git2gus]

This issue has been linked to a new work item: W-14495012

[cristiand391]

added support to disable this option when generating windows installers in oclif v4.0.4:
https://github.com/oclif/oclif/blob/main/CHANGELOG.md#404-2023-11-20