cask: add audit for incorrect signing
- [x] Have you followed the guidelines in our Contributing document?
- [x] Have you checked to ensure there aren't other open Pull Requests for the same change?
- [ ] Have you added an explanation of what your changes do and why you'd like us to include them?
- [ ] Have you written new tests for your changes? Here's an example.
- [ ] Have you successfully run `brew style` with your changes locally?
- [ ] Have you successfully run `brew typecheck` with your changes locally?
- [ ] Have you successfully run `brew tests` with your changes locally?
Since often upstreams suggest people disable quarantine instead of fixing their broken signatures, we should probably check if the signature is valid in the audit.
Review period will end on 2022-08-02 at 12:34:17 UTC.
Review period ended.
Changed it to a separate flag.
Only the actual signing command is left out for now since that depends on a specific macOS version for output checking. Otherwise I think it is good to go.
@SMillerDev Looks like this commit is causing a couple of false positive errors - https://github.com/Homebrew/homebrew-cask/runs/7859932752?check_suite_focus=true https://github.com/Homebrew/homebrew-cask-versions/runs/7859526329?check_suite_focus=true
I don't have time to fully check it out (it's late here), but just flagging this PR as I've traced the errors back to here.
Okay, somehow my artifact filtering isn't working. I would have expected this line to output a list of only eligible artifacts.
```ruby
artifacts = cask.artifacts.select { |k| k.is_a?(Artifact::Pkg) || k.is_a?(Artifact::App) }
```