You can’t really remove GPS on stock. Furthermore, it seems dev verification will be baked in the install process.
When you try to install an Android app, the operating system already performs a number of checks before allowing the installation to go through. These checks ensure an app with the same application ID (i.e., package name) isn’t already installed, that it isn’t built for an extremely old version of the OS, and, most importantly, that it hasn’t been flagged as malware by Google Play Protect.
Google is now tacking on an additional step to this process. The company has built a hook into the install flow, requiring any app being installed for the first time to go through verification. At the time of installation, Android will communicate with a “trusted entity” on the device called the Android Developer Verifier. This new, preloaded system service determines if the app’s developer has been verified, if any issues were encountered during verification, and finally, what installation policy to enforce.
The second quarterly release of Android 16, ie. Android 16 QPR2, will be the first version of Android to natively support these changes. However, the verification policies won’t be enforced when the update rolls out in December, as Google is still working on its implementation and collecting metrics. The changes will be backported to older versions of Android through Google Play Protect, though Google says there may be some slight differences because this method leverages an existing app rather than the new, native verifier service built into the OS.