Apple moves to greatly reduce malware on macs
A big change that's been happening quietly is Apple's Notarization service.
Ever since the App Store opened and was the only place to obtain software for the iPhone ('jailbreaking' excepted), I've been waiting for the sun to set on being able to download and install Mac apps from the web. Which is the core of my business. (Mac App Store sales amount to a small proportion of my income).
Notarization is a step in that direction, although it still leaves developers free to distribute outside the app store. It means that Apple examine the app for malware. At this point they can't reject your app for any reason other than the malware search. They do specify 'hardened runtime' which is a tighter security constraint but I've not found this to restrict functionality, as the Sandboxing requirement did when the App Store opened.
When the notarization service started last year, it was optional. Now Gatekeeper gives a more preferable message when an app is notarized, and it looks as if 10.15's Gatekeeper will refuse to install apps that haven't been notarized.
It genuinely seems geared towards reducing malware on the Mac. "This is a good thing" says John Martellaro in his column.