My goal is to use Development signing (Organizer -> Distribute App -> Development radio button) to distribute my app to internal testers during the development process. Note: this is explicitly different than "Developer ID signing". This is the flavor that requires a provisioning profile that enumerates all possible target Mac device UUIDs.

I have set up an app identifier, development certificate and a provisioning profile that contains the UUID of another Mac.

I have created a simple macOS test app using nothing more than Xcode-provided (11.13.1) code and resources.

When I use the Organizer -> Distribute App -> Development UI-based workflow to create a distribution for the Mac defined in the provisioning profile and attempt to run on the target Mac (running 10.15.2), I get the following error:

“SignTest” can’t be opened because Apple cannot check it for malicious software.
This software needs to be updated. Contact the developer for more information.

This looks like the same error you'd receive with a Developer ID signed app that was not notarized before running.

Code sign verification checks out:

```
λ codesign --verify --deep --verbose=3 SignTest.app
SignTest.app: valid on disk
SignTest.app: satisfies its Designated Requirement
```

While security assessment policy fails:

```
λ spctl -a -t exec -vv SignTest.app
SignTest.app: rejected
origin=Apple Development: William Sloat (VFFC883UQ2)
```

Xcode Organizer UI doesn't provide the option to "Upload/Send to Apple notary service" for Development signing like it does for Developer ID signing, so on a whim, I decided to see if using command line-based notarization would fix the issue and make the malicious software prompt go away, with the theory being that maybe Catalina expects both Development and Developer ID signed apps to be notarized (despite not being explicitly directed as such in the Organizer UI distribution workflow).

After performing the following:

```
λ /usr/bin/ditto -c -k --keepParent "SignTest.app" "SignTest.zip"
λ xcrun altool --notarize-app --primary-bundle-id "com.aurorafoundry.SignTest" --file "SignTest.zip" --username XXXX --password XXXX
No errors uploading 'SignTest.zip'.
```

I ran xcrun altool --notarization-info and followed the URL provided by the LogFileURL field in the response. It contained two issues:

```
{
  "severity": "error",
  "code": null,
  "path": "SignTest.zip/SignTest.app/Contents/MacOS/SignTest",
  "message": "The binary is not signed with a valid Developer ID certificate.",
  "docUrl": null,
  "architecture": "x86_64"
},
{
  "severity": "error",
  "code": null,
  "path": "SignTest.zip/SignTest.app/Contents/MacOS/SignTest",
  "message": "The signature does not include a secure timestamp.",
  "docUrl": null,
  "architecture": "x86_64"
}
```

This response seems to imply that notarization is not expected/supported for a Development signed app. This leaves things in a bit of a conundrum. Notarization isn't supported for Development signed apps, but Catalina is acting like it needs to validate the notarization. Am I missing something or is Development signing no longer really supported on 10.15 and beyond?

Thanks in advance!

Josh
Posted
by joshsloat.
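An added example, not part of the original post: a shell function that reads `codesign -dvv` output and flags the two conditions the notary log in the post reported (leaf certificate is not Developer ID, no secure timestamp). The two signature dumps are constructed, `Example Corp (TEAMID0000)` is a placeholder identity, and the function assumes `codesign -dvv` lists the leaf certificate as the first `Authority=` line and shows a secure timestamp as `Timestamp=` (a signature without one shows `Signed Time=`).

```shell
# Constructed sample: Development-signed app, no secure timestamp.
DEV_SIGNED='Identifier=com.aurorafoundry.SignTest
Authority=Apple Development: William Sloat (VFFC883UQ2)
Authority=Apple Worldwide Developer Relations Certification Authority
Authority=Apple Root CA
Signed Time=Jan 20, 2020 at 10:15:00 AM'

# Constructed sample: Developer ID-signed app with a secure timestamp.
DEVID_SIGNED='Identifier=com.example.SignTest
Authority=Developer ID Application: Example Corp (TEAMID0000)
Authority=Developer ID Certification Authority
Authority=Apple Root CA
Timestamp=Jan 20, 2020 at 10:15:00 AM'

# Reads `codesign -dvv` text on stdin. Prints one finding per line and
# returns 1 if the signature would fail either notary check; returns 0
# and prints nothing otherwise.
notarization_preflight() {
    details=$(cat)
    findings=""

    # The first Authority= line is the leaf (signing) certificate.
    leaf=$(printf '%s\n' "$details" | sed -n 's/^Authority=//p' | head -n 1)
    case "$leaf" in
        "Developer ID Application: "*) ;;
        "") findings="no-authority" ;;
        *)  findings="not-developer-id: $leaf" ;;
    esac

    # Signed Time= alone means the signer's local clock, not a timestamp
    # issued by a timestamp server.
    if ! printf '%s\n' "$details" | grep -q '^Timestamp='; then
        findings="${findings:+$findings
}no-secure-timestamp"
    fi

    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings"
    return 1
}

# Demo on the constructed samples. On macOS the input would come from:
#   codesign -dvv SignTest.app 2>&1 | notarization_preflight
printf '%s\n' "$DEV_SIGNED" | notarization_preflight || true
printf '%s\n' "$DEVID_SIGNED" | notarization_preflight && echo "ok: passes both checks"
```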