via https://www.reddit.com/r/gamedev/comments/di61ms/have_a_mac_game_on_steam_heres_a_guide_to_signing/
--options runtime
Is what should be enabling hardened runtime.
codesign -s "Developer ID Application: <YourName>" --timestamp --options runtime -f --entitlements entitlements.plist --deep YourApp.app
Check with
codesign -d -vvvv YourApp.app
Compress
/usr/bin/ditto -c -k --keepParent YourApp.app YourApp.zip
Submit
xcrun altool --notarize-app --primary-bundle-id "<id>" -u "<appleid>" -p "<app-specific password>" --file YourApp.zip
Check submission status
xcrun altool --notarization-info <RequestUUID> -u -u "<appleid>" -p "<app-specific password>"
Staple approval
xcrun stapler staple "YourApp.app"