resholve: mark it as knownVulnerabilities, allow resholve-utils usage

We are marking `resholve` itself with `meta.knownVulnerabilities`, and
overriding `resholve-utils` functions's `resholve` with
`meta.knownVulnerabilities = [ ]`.

This way, we can still use `resholve` at build-time without triggering
security warnings, however we can't instantiate `resholve` itself. See:

```
$ nix-build -A resholve
error: Package ‘resholve-0.8.4’ in /.../nixpkgs/pkgs/development/misc/resholve/resholve.nix:48 is marked as insecure, refusing to evaluate.

$ nix-build -A ix
/nix/store/k8cvj1bfxkjj8zdg6kgm7r8942bbj7w7-ix-20190815
```

For debugging purposes, you can still bypass the security checks and
instantiate `resholve` by:

```
$ NIXPKGS_ALLOW_INSECURE=1 nix-build -A resholve
/nix/store/77s87hhqymc6x9wpclb04zg5jwm6fsij-resholve-0.8.4
```

0 files changed, 0 insertions, 0 deletions