Came here to say the same thing. The installation b/s gives me the impression this developer doesn’t take releasing MacOS software serious enough to trust them with running code on my machine, let alone having access to highly secure things like payment gateway auth tokens.
Hey now, the notarisation priority bit has only been set for a little while, if you wanna release early/often, you can't wait around for Apple to approve your submission...
I honestly can't tell if this is sarcasm or not, but I notarise builds on commit as part of CI and it took...all of about five minutes to set up. Three of those minutes were me hunting around my desk for my 2FA phone. The whole thing is _trivial_ to automate, and I normally see notarisation times around 2-3 minutes.
Is it more tedious than just flinging something up on the web? Sure. Is it so much of an obstacle that we should give up on shipping vaguely secure software for Macs? Obviously not.
(I do have time for the argument that the $non-zero/year fee excludes a huge swath of indie/hobbyist/student developers, but that's not what we're talking about here.)
Thanks for saying this. I emphatically agree with all points but wanted to add, even if you don’t have a CI/CD pipeline already, doing notorization is trivial locally.
