## Context We have an Apple developer account set up. macOS binaries need to be signed and notarized so users don't hit Gatekeeper warnings. ## Tasks - [x] Add codesigning step to the release workflow for macOS binaries - [x] Notarize binaries with Apple's notarization service - [x] Store signing credentials (certificate, password, Apple ID, team ID) as GitHub Actions secrets - [x] Verify signed binaries pass `spctl` and Gatekeeper checks
Context
We have an Apple developer account set up. macOS binaries need to be signed and notarized so users don't hit Gatekeeper warnings.
Tasks
spctland Gatekeeper checks