Sign .app to avoid the "app from an unidentified developer" prompt

[lwouis]

The .app is unsigned currently. When the user opens the app for the first time, they get a scary prompt, and must jump through hoops to allow the app to run:

Getting an apple certificate and signing the app would remove that friction.

Here is a tutorial: https://successfulsoftware.net/2012/08/30/how-to-sign-your-mac-os-x-app-for-gatekeeper/

An issue is that this means buying a 100$/year apple dev account. Beyond the money, it makes this less of an open-source project as i would need my personal paid account to sign. Forks would need their own accounts to sign. I don't think there is any way around this though. This is an Apple ecosystem limitation.

[lwouis]

I researched code-signing in the OSS community. There is no way around paying Apple 礼金. I bit the bullet and just bought the certificate for ￥12,980. I don't want people to have a bad experience when launching the app for the first time. The certificate should be available for 5 years from now if I don't renew the developer account.

Adding this into CI was a bit tricky as Apple makes us jump through endless hoops with notarization. I hope it works on v3 release. As usual with CI, it's pretty hard to test changes. I tested as much as possible locally, but only the real travis build will tell if the new code is correct. Same with my work on #75.

Note even though it means that I'm personally signing the release builds by having my personal account used during CI. For local development, I added a script to generate a local self-signed certificate, so that anyone can contribute to the project without any barrier to entry :)