As Cyberdog says, the hoop is that a lot of regular users do not know about.
Moreover, signatures and notarization are there for a reason. Code signing makes it more likely that the bundle was not tampered with. Apple can revoke the certificate if the developer key leaked. Notarization will catch at least some forms of malware.
I refuse to run unsigned code (with one exception), because it decreases security significantly. There have also been severe incidents in the past with unsigned code, e.g.:
Moreover, signatures and notarization are there for a reason. Code signing makes it more likely that the bundle was not tampered with. Apple can revoke the certificate if the developer key leaked. Notarization will catch at least some forms of malware.
I refuse to run unsigned code (with one exception), because it decreases security significantly. There have also been severe incidents in the past with unsigned code, e.g.:
https://blog.malwarebytes.com/threat-analysis/mac-threat-ana...