I'm developing an open source GPL macOS app for the amateur radio community and I want to know how to 'archive' it so uses can download a compiled bundle from my GitHub page for free. I have an Apple Developer account, but I haven't enrolled or paid any money. Is this possible?
Is this possible?
Yes and no.
The key benefit of signing your code is so that your product passes Gatekeeper. However, only Developer ID signed code can pass Gatekeeper, and that requires a paid account.
You have a few choices here:
Join the paid programme and then sign with Developer ID.
Sign with an Apple Development signing identity created by Xcode when you use your free account (aka your Personal Team).
Sign with a non-Apple code signing identity.
Distribute the code unsigned [1].
I’ve ordered this from most to least preferred. Only the first one will let you pass Gatekeeper. The other three will require your users to bypass Gatekeeper. For details on that, see the Safely open apps on your Mac article published by Apple Support.
Apple Development is preferred over a non-Apple code signing identity because the code signing subsystem will then set up your designated requirement (DR) correctly. For details on that, see TN3127 Inside Code Signing: Requirements.
Non-Apple code signing is preferred over unsigned because it represents a stable code signing identity. You’ll have to manually craft your DR, but you can at least have a DR.
Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"
[1] Well, Apple silicon code must be signed but you can sign it ad hoc (Signed to Run Locally in Xcode parlance).