feat(macos): sign and notarize the DMG, app, and server binary

Produce a Gatekeeper-clean macOS distribution with no user workaround:

- Launcher DMG + the LocalAI.app inside it are built via fyne, codesigned
  with the Developer ID under the hardened runtime, then the DMG is signed,
  notarized (notarytool) and stapled. Replaces macos-dmg-creator (which had
  no signing hook) with fyne package + hdiutil so we control the .app before
  packaging.
- The bare local-ai darwin server binary is signed + notarized via
  GoReleaser's native notarize block (quill backend, runs on Linux).
- All signing is gated on secrets being present, so forks/PRs/local builds
  stay unsigned and green (contrib/macos/sign-and-notarize.sh no-ops).
- Add hardened-runtime entitlements and FyneApp.toml for deterministic
  packaging; update macOS install docs to drop the quarantine workaround.

Assisted-by: Claude:claude-opus-4-8 [Claude Code]
Signed-off-by: Ettore Di Giacinto <mudler@localai.io>

docs/content/installation/macos.md

@@ -22,13 +22,16 @@ Download the latest DMG from GitHub releases:
 3. Drag the LocalAI application to your Applications folder
 4. Launch LocalAI from your Applications folder
 
-## Known Issues
+## Verification
 
-> **Note**: The DMGs are not signed by Apple and may show as quarantined.
->
-> **Workaround**: See [this issue](https://github.com/mudler/LocalAI/issues/6268) for details on how to bypass the quarantine.
->
-> **Fix tracking**: The signing issue is being tracked in [this issue](https://github.com/mudler/LocalAI/issues/6244).
+The `LocalAI.dmg` (and the app inside it) and the `local-ai` server binary are
+signed with an Apple Developer ID and notarized by Apple, so they launch with no
+quarantine prompt or workaround. To inspect the signature yourself:
+
+```bash
+spctl --assess --type open --context context:primary-signature -v /Applications/LocalAI.app
+codesign --verify --deep --strict --verbose=2 /Applications/LocalAI.app
+```
 
 ## Next Steps