Scripts (OSX ships with Python, Perl, Bash, Zsh, and I think JS) bypass all of those.
Also I would not be suprised if editing scripts in runtime based apps (like electron) still bypass all of those.
Last I looked at code signing in MacOS it was weaker than Windows in places. With code signing checks enabled in Windows (they are used as a smart screen signal but not required by default) you actually need to sign shell scripts to run them.
Small correction: macOS (it hasn’t been called OS X for close to a decade) hasn’t shipped with Python for a while. It does have a shim at /usr/bin/python3 that when called pops up a GUI to the user telling them they need the Xcode Developer Tools, which if accepted does provide Python.
Also I would not be suprised if editing scripts in runtime based apps (like electron) still bypass all of those.
Last I looked at code signing in MacOS it was weaker than Windows in places. With code signing checks enabled in Windows (they are used as a smart screen signal but not required by default) you actually need to sign shell scripts to run them.