Catalina’s GateKeeper has gotten stricter. Apps need to be “notarized”
by Apple, which in turn requires the “Hardened Runtime” to be enabled,
which in turn checks to make sure all libraries and plugins are signed
by the same developer (by default).
I don’t have enough information about specific your problem, but in
general your best solution is to:
-
Make sure all your libraries/frameworks/plugins are properly
codesigned with the same key you sign your app with. Enable the
hardened runtime when signing your app. Notarize. -
Alternatively, if just for testing or for you & your friends, you
can ignore all code signing. Don’t enable the hardened runtime. -
Or if you really need SDL.framework to be signed differently than
you and need the hardened runtime, you need to add the
com.apple.security.cs.disable-library-validation entitlement for the
codesigning phase.
-Eric