fix: ad-hoc codesign compiled binaries on Apple Silicon after build

[voidborne-d]

Problem

On some Apple Silicon machines, bun build --compile produces a corrupt or linker-only code signature. macOS kills these binaries with SIGKILL (exit 137, zsh: killed) before they execute a single instruction. Every re-run of ./setup reproduces the same unrunnable binary.

The root cause is well-documented upstream (Bun #7208, Go #42684): Apple Silicon requires properly signed executables, and linker-signed-only binaries get killed. A naive codesign -s - -f also fails because the existing (broken) signature block prevents re-signing.

Fix

Add a post-build codesign step to setup that runs only on Darwin arm64:

1. Remove the corrupt/linker-only signature (codesign --remove-signature) — this is required because a direct re-sign fails with "invalid or unsupported format for signature"
2. Apply a fresh ad-hoc signature (codesign -s - -f)

All four compiled binaries are covered:

• browse/dist/browse
• browse/dist/find-browse
• design/dist/design
• bin/gstack-global-discover

Properties

• Idempotent: safe to re-run, skips missing binaries
• Fast: <1s total
• Non-fatal: codesign failure is a warning, not an error (Intel/CI builds are unaffected)
• Platform-guarded: only runs on Darwin + arm64
• Bun-recommended: matches Bun docs on codesigning standalone executables

Tests

Added test/setup-codesign.test.ts (6 tests):

• Verifies the codesign block checks both Darwin and arm64
• Verifies all four compiled binaries are covered
• Verifies the block is inside the NEEDS_BUILD=1 branch
• Verifies missing binaries are skipped (idempotent)
• Verifies failure is a warning, not fatal
• Validates the shell snippet syntax

bun test test/setup-codesign.test.ts
 6 pass, 0 fail

Fixes #997