Ok well I can see this turning into the cluster f*** it usually is so here's how to code sign and notarize and staple your plugin - note this is for distributing plugins - not for distributing installers (like .pkg and .dmg files), also note you will need your apple ID, your team Id and to have made (and kept) a password for your notary tool all in the apple dev web site...you will also need the relevant certificates(A developer ID Installer certificate) in your Keychain Access
build/compile your plugin.
copy your plugin to the desktop
open a terminal window
move to the desktop with this command:
cd desktop
5.codesign your plugin with this command:
codesign --deep --force --options runtime --sign "Developer ID Application: your dev name ( your dev id)" "/Users/your username/Desktop/your plugin name.vst3"
zip up your plugin into yourpluginname.zip and leave it on the desktop
Notarize your pluginzip with this command:
xcrun notarytool submit --apple-id "your apple id (an email addess is likely)" --password "your notray tool password" --team-id "your team id" "yourpluginname.zip" --wait
wait... it will tell you Processing.... and eventually tell you Accepted (if it works)
Staple your plugin on the desktop --- no thats not the zip you just sent to Apple, its the plugin from step 2.... use this command:
xcrun stapler staple "/Users/your user name/Desktop/your plugin name.vst3"
if this is successful (it will tell you) ... you re done...and you can zip up and ship your plugin....