Xcode 10 introduced notarization for Mac apps distributed outside the App Store. Apple has announced that "in an upcoming release of macOS, Gatekeeper will require Developer ID signed software to be notarized by Apple." To get notarization for a Developer ID signed app, the developer submits the app to Apple for some kind of security scan, which Apple claims is automated. After Apple notarizes the app, the developer receives a "ticket", which can be "stapled" to the app before distribution. When a macOS Mojave user opens a downloaded app that has been notarized, Gatekeeper verifies that the app's ticket is valid. On macOS 10.14.1, notarization is still optional. We don't know yet which version of macOS will start to require it.
I decided to try notarization with Bonjeff, my open source app that shows a live display of the Bonjour services published on your network. Submitting the app to Apple was easy enough. I uploaded it in Xcode, and 2 minutes later I got an email saying "Your Mac software has been notarized. You can now export this software and distribute it directly to users." However, 3 hours later the Xcode organizer still says the status is "Processing", and it won't let me export the notarized app. I've quit and relaunched Xcode. Toggled wifi. Even rebooted. Nothing helped. Thus, at present I won't be releasing a notarized version of Bonjeff. I'm aware that you can distribute a notarized app without a stapled ticket, and Mojave will attempt to download the ticket from Apple when the user opens the app, but that's not a great experience, and I don't see the point in going halfway.
I'm using Xcode 10.1, the latest version. In the Apple Developer Forums, one developer who also had this problem said that Developer Technical Support suggested updating from High Sierra to Mojave. Sorry, I'm not going to do that on my main development machine just to notarize an app. It's been suggested to me that I should try the command-line tools to export the app. I could, but… Xcode ought to "just work", and I'm not in any hurry to notarize. In fact, I'm opposed to notarization in principle, though I won't argue that case in this blog post. I'll give notarization a try if Apple makes it simple. Otherwise, forget it! How can Apple expect to make notarization mandatory when the basic developer tools still don't work right 5 months after WWDC?