Should solve #15774.
Adds a note on how to notarize the macOS disk image to the release process documentation. Since macOS 10.14.5, applications must be notarized in order to run (user can disable the strictness though).
The xcrun altool --notarize-app call uploads the .dmg-file to the apple gatekeeper server where it will be scanned for malware. Once approved, users opening the Bitcoin-Qt.app will no longer see the missing-notarization error (requires internet connection). Offline users can still disable the notarization-check feature in their macOS settings.
In order to execute the notarization, one needs the Bitcoin Core Code Signing Association Apple Developer Programm credentials (it’s a manual per app created password).
We could further expand towards offline-notarization capabilities by “stapling” the Apple approved notarization ticket into the application bundle (non trivial to implement in out gitian process).
General info: https://developer.apple.com/documentation/xcode/notarizing_macos_software_before_distribution
Developer instruction using a manual build process (like we do): https://developer.apple.com/documentation/xcode/notarizing_macos_software_before_distribution/customizing_the_notarization_workflow