Resolved. Since my last release of this application in 2019 I had forgotten that I actually have to upload the binary build to the notary service and publish that exported copy and not just a copy that was locally signed.

Thanks for the insight! Doesn’t have the Hardened Runtime capability enabled. Enabled from the beginning. Has components not signed with your Developer ID. Includes a .a static C library at build time that was built in a separate Xcode project. Could this be it? I presume Xcode signs the whole application at the end...? Doesn’t include a secure timestamp with your code-signing signature. Xcode does all the code signing. I presume that it does? Was built with an older SDK. Base SDK 10.15 Includes the com.apple.security.get-task-allow entitlement with the value set to any variation of true. Not used. So what's the magic bullet here? Would I need the second target version of this project get notarized separately? If so, it won't be a problem. I'd just like to know what I need to do. Thanks for the help.