Description
Summary
Official release binaries are not properly code signed with a real developer identity.
Details
On macOS the default mode for over a decade has been to not allow execution of binaries that are not code signed by a verified identity. The macOS binaries shipped in the GitHub CLI releases are not codesigned by a verified identity. In order to execute them the user must either disable macOS’s Gatekeeper system or add an exclusion for the GH binaries.
Impact
All macOS users are impacted by this and must disable system security features in order to run the GitHub binaries.
I previously reported this issue in #5468, which was closed as this unrelated issue, which was just closed by not fixing the original issue. Ad-hoc signatures (not to be mistaken with verified signatures used for ad-hoc distribution) are not signed with a verified identity. As a result, they still require disabling or adding an exception to Gatekeeper.
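
To check which kind of signature a given binary carries, the following added example (not part of the original issue or of the GitHub CLI project) classifies the report printed by `codesign -dvv`. The function name, the result labels and the sample reports are constructed for illustration; the samples were not captured from any release binary.

```shell
#!/bin/sh
# Classify the text printed by `codesign -dvv <binary> 2>&1` (read from stdin).
# Result labels are names chosen for this example:
#   unsigned | adhoc | developer-id | other-identity | unknown
classify_signature() {
    report=$(cat)
    case "$report" in
        *"not signed at all"*) echo unsigned; return ;;
    esac
    if printf '%s\n' "$report" | grep -q '^Signature=adhoc$'; then
        # Ad-hoc: a code directory hash exists, but no certificate chain.
        echo adhoc
    elif printf '%s\n' "$report" | grep -q '^Authority=Developer ID Application: '; then
        # Leaf certificate is a Developer ID identity issued by Apple.
        echo developer-id
    elif printf '%s\n' "$report" | grep -q '^Authority='; then
        # Signed with some certificate chain that is not Developer ID.
        echo other-identity
    else
        echo unknown
    fi
}

# Constructed sample reports (hypothetical paths, names and team ID).
ADHOC_SAMPLE='Executable=/tmp/example/bin/tool
Identifier=tool
CodeDirectory v=20400 size=1234 flags=0x20002(adhoc,linker-signed) hashes=10+0 location=embedded
Signature=adhoc
TeamIdentifier=not set'

DEVID_SAMPLE='Executable=/tmp/example/bin/tool
Identifier=com.example.tool
Authority=Developer ID Application: Example Corp (ABCDE12345)
Authority=Developer ID Certification Authority
Authority=Apple Root CA
TeamIdentifier=ABCDE12345'

UNSIGNED_SAMPLE='/tmp/example/bin/tool: code object is not signed at all'

# On a Mac, against a downloaded binary:
#   codesign -dvv ./tool 2>&1 | classify_signature
```

A `developer-id` result only identifies the signer; it says nothing about notarization, which is checked separately.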