
Codesigning and/or notarizing macOS builds

Open maxfierke opened this issue 2 years ago • 0 comments

Not sure if this is on the team's radar or not, but increasingly a nice-to-have, would be for the official macOS builds to receive notarization and codesigning to ensure:

  1. the build hasn't been modified
  2. to satisfy the strict enforcement of notarization present in macOS 10.15+.

While it's relatively easy to work around it (either removing the quarantine xattr manually, going through System Preferences to allow crystal and shards, or downloading it via something that does not set the quarantine xattr), it's not particularly convenient and it's not immediately clear to a new user that they need to do that (they'll just get the "Move to Trash" or "Cancel" options when running). You can use Homebrew builds and it won't be an issue, but not everyone uses Crystal via Homebrew on macOS.

For my own Crystal projects, I've taken to using gon for automating the notarization and codesigning in CI (see example here), which works pretty smoothly and (it or something like it) could probably be integrated into the release process. The tricky piece would be credential management for macOS developer certs, though it sounds like CircleCI recommends something called Fastlane Match for this.

maxfierke, Sep 22 '21 02:09