[git-archive] git-archive vulnerable to Command Injection via exports function

All versions of package git-archive are vulnerable to Command Injection via the exports function.

References

• https://nvd.nist.gov/vuln/detail/CVE-2020-28422
• https://security.snyk.io/vuln/SNYK-JS-GITARCHIVE-1050391
• https://github.com/advisories/GHSA-vqgr-mfxm-47f3