Changes in how SDK deals with code signing

Hi,

This is less of a bug and more of an open-ended issue which I am not 100% sure is related to the SDK directly but after a lot of deliberating and A/B compiling my feeling is that code signing behaviour has somehow changed from the update.

When building a set of externals previously with cmake and make I would produce binaries which were not code signed. I could verify this in my shell with this:

codesign -dv --verbose=4 fluid.ampgate\~.mxo

This would produce the output:

fluid.ampgate~.mxo/: code object is not signed at all

Max can load these externals fine.

Now though, after doing nothing except updating the SDK I get binaries which when checked with the aforementioned invocation report that they are code signed:

Executable=/Users/james/dev/flucoma/max/externals/fluid.ampgate~.mxo/Contents/MacOS/fluid.ampgate~
Identifier=fluid.ampgate~
Format=bundle with Mach-O thin (arm64)
CodeDirectory v=20400 size=1255 flags=0x20002(adhoc,linker-signed) hashes=36+0 location=embedded
VersionPlatform=1
VersionMin=720896
VersionSDK=721664
Hash type=sha256 size=32
CandidateCDHash sha256=f1adddbc9aa109e03b11a64d573f64562158cf78
CandidateCDHashFull sha256=f1adddbc9aa109e03b11a64d573f64562158cf7807fcdf49a8c629dba5258e1b
Hash choices=sha256
CMSDigest=f1adddbc9aa109e03b11a64d573f64562158cf7807fcdf49a8c629dba5258e1b
CMSDigestType=2
Executable Segment base=0
Executable Segment limit=65536
Executable Segment flags=0x0
Page size=4096
CDHash=f1adddbc9aa109e03b11a64d573f64562158cf78
Signature=adhoc
Info.plist=not bound
TeamIdentifier=not set
Sealed Resources=none
Internal requirements=none

Is this something that is being influenced by the update to the SDK?