Code signing for MacOS packaged app

[deeppppp]

Latest versions of MacOS require command-line-tools and their libraries to be signed by the developer.

A work around is for the user to white list the tool, but this is not obvious to the average user.

https://github.com/pyinstaller/pyinstaller/wiki/Recipe-OSX-Code-Signing
Shows how the code signing would work, this would need to be implemented in the CI after the package was created by PyInstaller.