In order to get a non-'Apple Developer ID' code signed (or even unsigned) app to run, a user has to first double click on the App once. Personally, I am encouraged that Big Sur still has the GateKeeper bypass. What Microsoft has to say on the subject. If your users are getting 'If macOS detects a malicious app' warnings, I'm not sure what to do for you. It is also unclear if Apple will start locking down the macOS to only 'Apple Developers', like they do on iOS.Ībout GateKeeper, 'notarization', and code signing from Apple. The major difference is Apple has long since moved the bypass off of the pop-up, and buried it away. On macOS, Apple has a Verified App detector called GateKeeper.
