Mac deployment: codesign timestamp service failures due to large number of files

[rly]

Problem

During Mac deployment builds, codesign --timestamp contacts Apple's timestamp server for every file in the app bundle. The PyInstaller-bundled Flask backend includes hundreds of data files (particularly tzdata/zoneinfo), which can trigger rate limits or transient timeouts from the timestamp service.

Example error from CI:

codesign --sign ... --timestamp ... flask/_internal/tzdata/zoneinfo/America/Recife
The timestamp service is not available.

This causes the electron-builder signing step to fail intermittently.

Plan

• Add signIgnore patterns in package.json to skip signing pure data files (tzdata, certifi) that contain no executable code (PR Prepare release v1.1.0 #1069)
• Consider upgrading electron-builder from v24.9.1 to a newer version with better retry logic for codesign timestamp failures
• Consider auditing additional data-only packages that could be excluded from signing (e.g., jsonschema_specifications, NWB/HDMF namespace schemas, probeinterface probe library files) — care must be taken not to skip .so/.dylib binaries within those packages
• Consider reducing PyInstaller bundle size by excluding unnecessary data files at the PyInstaller level rather than at the signing level