macOS packaging and codesigning #15203

@jla3378

Code built successfully on an M1, but I have issues trying to run it that seem to stem from improper/non-existent code signing. At a minimum, all binaries need to be ad-hoc signed to run at all. Disabling this on ARM Macs requires intrusive downgrades to security that can only be selected in recovery.

In addition, I've tried to run the packager scripts but due to the script enforcing packaging only from root, I couldn't create a single package from which I could try to code sign.

  1. Due to increasingly strict limits on access to root in Big Sur (ARM Macs have even greater restrictions by default) that require severely downgrading boot protections and authenticated root image verification, among other things, it doesn't seem practical to require the PowerShell source directory to be located at the root. Even symlinking is disallowed.

  2. Is there any existing code in the build scripts where one can specify a code signing certificate to be applied to libraries and binaries? I've noticed the build process results in some being ad-hoc signed while some, like the pwsh binary itself, are not signed at all.
