At the Developers Conference (WWDC 2019) in June, Apple announced that it would restore application verification requirements for macOS Catalina to keep end users safe. The new policy will begin in February 2020 and will affect macOS software released through the non-Mac Store during the transition period. Apple has previously introduced a full implementation of the new policy to ensure the push to launch macOS Catalina. But the new announcement says the grace period will end early next year.
(Instagram via Apple Insider)
In an article on Apple’s developer’s website, the company confirmed that “all submitted software must be certified from February 3, 2020.”
The new policy requires developers to submit apps to Apple for pre-audit to verify their security, or they will not be able to run in macOS Catalina.
As an extension of the current Gatekeeper process, Apple has made this optional item a mandatory requirement to ensure that downloaded software comes from a trusted source and that Apple automatically scans certified applications for security issues or malicious code.
Although the Mac App Store pre-enforces rigorous checks, this validation project ensures the security of software code from third-party servers, such as servers owned and managed by developers themselves, and provides a similar level of security to download users.
Under the temporary terms that began in September, Apple has not used enhanced runtime features (including components and timestamps that are not signed by the developer ID) for validation apps. These apps are built from older SDKs or contain the power to “allow tasks to be performed.”
During the transition, developers are able to complete validation and protect users with older third-party software sources on Catalina. But for developers who haven’t yet uploaded to the verification server, Apple has issued a warning until February 3.
After that, unverified macOS applications run times wrong (not warning prompts).