* Implement the --exclude-protected feature
This piggybacks on the same machinery used by the --target flag. By
examining the stack, we find a list of all resources managed by
Pulumi (in that stack). We then form them into a DAG, and mark all
resources as either protected or unprotected.
A resource is protected it has the `Protect` flag set or is has a child
with the `protect` flag set. It is unprotected otherwise.
We then pass the urns of unprotected resources to the update options
passed to the destroy operation in the same way that `--target` does.
* Update changelog
* Handle providers correctly
* Add integration test
* Protect dependencies of protected resources
* Handle --exclude-protected in separate function
* Simplify implementation via DependencyGraph
* Add TransitiveDependenciesOf
* Cleanup unused functions
* Gate printed message behind !jsonDisplay
* Ensure provider is not `""`
* Clean up documentation (and some code)