I’m not too sure that these actions violate the letter of the law here, even though I agree that they’re 100% in violation of the spirit of the law.

It’s been some years since I’ve put the mobile development world behind me, in no small part because of Apple’s shenanigans, but the way I understand how this might work - Apple may be required to allow “iOS software” to be installed from third party stores, but software that runs on iOS must either be signed using a certificate that only allows installation in a developer or enterprise context (which require explicit and obvious user consent to that specific use case, and come with other restrictions such as the installation only lasting for a limited period of time), or through an “appstore” certificate that allows installation on any device, but the actual application package will need to go through Apple’s pipeline (where I believe it gets re-signed before final distribution on the App Store). All certificates, not just the appstore ones, are centrally managed by Apple and they do have the power to revoke, or refuse to renew, any of those certificates at-will.

If my understanding is correct (I’d appreciate if any up-to-date iOS devs could fact-check me), then Apple could introduce or maintain any restrictions they please on handling this final signing step, even if at the end of the day the resulting software is being handed back to developers to self-distribute, they can just refuse to sign the package at all, preventing installation on most consumer iOS devices, and to refuse to re-issue certificates to specific Apple developer accounts they deem in violation of their expected behavior. I haven’t read the implementation of the DMA in detail, nor am I a lawyer, so I’m not sure if there are provisions in place that would block either of these actions from Apple, but I do expect that there will be a long game of cat and mouse here as Apple and the EU continue to try and one-up the other’s actions.