Warn user and get opt-in for +pr mode

[IanButterworth]

On MacOS it's not possible to use the +pr... mode because the binaries are not codesigned, given that they are non-merged PRs.

We should do something this on MacOS

% juliaup add +pr51811
Installing Julia pr51811-macos-aarch64
As this is a non-merged PR it has not been codesigned. Would you like to locally codesign this to make it run? Note that it is your responsibility to review for security issues with the PR.
Locally codesign? y/[n]:

And perhaps on platforms that don't codesign check before installing the files

% juliaup add +pr51811
This is a PR that may not have been merged. Note that it is your responsibility to review for security issues with the PR.
Continue installation? y/[n]:

---

In testing this I signed with:

sign_binaries.sh

#!/bin/bash

# Function to sign a binary
sign_binary() {
    local binary="$1"
    echo "Signing $binary"
    codesign --sign - "$binary"
}

# Export the function for use with find
export -f sign_binary

# Find and sign all binaries in the current directory and its subdirectories
find . -type f -perm +111 -exec bash -c 'sign_binary "$0"' {} \;

echo "All binaries signed."

But note that stdlibs will re-precompile because codesigning changes their mtime/hash (on buildkite we update the .ji cache file headers after codesigning)