Add signature verification for VS Code extensions

[RomanNikitenko]

Is your task related to a problem? Please describe

VS Code uses @vscode/vsce-sign to verify a VS Code extension signature at the extension installation step. @vscode/vsce-sign is Microsoft's proprietary package and is not included as a dependency to the Code - OSS assembly. So - signature verification is not executed, as result the following message is displayed when a user installs an extension

Describe the solution you'd like

@vscode/vsce-sign should be replaced by another package. I've found https://github.com/filiptronicek/node-ovsx-sign repository - it can be considered as an alternative to @vscode/vsce-sign package.

Describe alternatives you've considered

No response

Additional context

No response