Releases: northpolesec/santa
v2025.1
Notes
If you're migrating from Google Santa, please see the Migration Guide for details on how to upgrade.
Santa documentation can be found at northpole.dev.
Fixed
❗ Fixed an issue where santactl could sometimes hang for a short time before producing output
❗ Fixed issue where there was a small chance some random data could be appended to telemetry output when using EventLogType=syslog
Changed
Added
➕ New telemetry event types: clone and copyfile
➕ Executable entitlements, signing status, and codesigning flags are now included in events sent to the sync server
➕ The sync_type field has been added to the Postflight Request message of the sync protocol to indicate the type of sync that was performed
➕ Japanese localization
What's Changed
- Project: Add labeler workflow by @russellhancox in #175
- Remove auto-labeling for build file changes by @mlw in #176
- gui: Update keyboard shortcut for copy details button by @russellhancox in #173
- Add entitlements to sync protocol by @mlw in #163
- TestGUI: Fix missing replyCallback, make labels in UI verbatim. by @russellhancox in #178
- Restructure Watch Items objects to prepare for Proc FAA by @mlw in #161
- initial Japanese localization by @arubdesu in #177
- gui: Use interpolation where needed in strings by @russellhancox in #180
- Add ring buffer implementation by @mlw in #181
- Use a deque for the ring buffer for better dequeue performance by @mlw in #182
- Standalone: Switch to a hold-and-ask model (part 1) by @russellhancox in #174
- gui: Fix the 'prevent future notifications' label in English by @russellhancox in #183
- Make SNTRule initWithDictionary case insensitive by @pmarkowsky in #179
- Project: Stop pointing at my fork of MOLXPCConnection by @russellhancox in #185
- Rework how valid rule IDs are tracked by @mlw in #184
- Add signing status and cs flags to sync proto by @mlw in #186
- Track ask and hold mode atomically while processing an event by @mlw in #187
- Add support for clone and copyfile telemetry events by @mlw in #189
- Add serializations for clone and copyfile by @mlw in #192
- Enforce max size to write for non-null-terminated buffer by @mlw in #193
- Up rules_apple to 3.16.1 to fix #190 by @the80srobot in #191
- Project: Update PR labeler, dependabot config, upgrade to bazel v8 by @russellhancox in #195
- sync: Populate sync_type field in postflight by @russellhancox in #196
- santactl status: fix hang when sync server is unresponsive by @tburgin in #199
- config: use CFPreferencesCopyAppValue and CFPreferencesAppValueIsForced by @tburgin in #200
- sync service: add support for APNS by @tburgin in #158
- apns: add basic message handling by @tburgin in #162
- Adopt ring buf for queued notifications by @mlw in #188
- Add mandatory load statements to prepare for upcoming Bazel changes by @mlw in #204
- Ensure ES doesn't cache incorrect hold and ask responses by @mlw in #201
- Forwards compatibility with string_view proto descriptor names by @gnoack in #206
- Bump dependency versions by @mlw in #207
- Add an optional step to add a TeamID rule for NPS Santa by @pmarkowsky in #203
- Standardized naming for critical sections based on mutex or GCD queue by @mlw in #208
- Clarify uniqueness properties of PID + pidversion by @gnoack in #209
- common: Add bootSessionUUID to SNTSystemInfo by @russellhancox in #210
- Remove pending standalone notifications on UI connection invalidation by @mlw in #213
- Ensure that non-glob faa path patterns are watched by @mlw in #212
- Address more future mandatory load requirements for Bazel by @mlw in #215
- Add back code to watch changes to our defaults domain by @mlw in #214
- Add licenses back to santa/BUILD by @kubalaguna in #198
- gui: Fix open button appearing when it shouldn't. by @russellhancox in #217
- Config: Adjust perms to 0644 for sync-state.plist. by @russellhancox in #218
- Ensure cached static rules in proper state on invalid configs by @mlw in #219
- gui: Simplify logic for button presentation by @russellhancox in #220
- Revert "Config: Adjust perms to 0644 for sync-state.plist." by @mlw in #222
- Idempotent config states (pt1) by @mlw in #221
New Contributors
- @arubdesu made their first contribution in #177
- @the80srobot made their first contribution in #191
- @gnoack made their first contribution in #206
Full Changelog: 2024.12...2025.1
v2024.12
Notes
If you're migrating from Google Santa, please see the Migration Guide for details on how to upgrade.
This release fixes an issue that could affect users that upgraded to v2024.11 from v2024.10. If you installed v2024.11, please see the discussion on potential remediation steps that might be necessary.
Fixed
❗ Critical binaries are now allowed by Signing ID instead of hash to address issues that could affect users when upgrading in Lockdown mode.
❗ Stronger checks were added to ensure users with root access cannot manually add rules when a sync server or static rules are being used.
Important
This release addresses a minor security issue that affects all previous Santa releases. We encourage users to upgrade as soon as possible.
What's Changed
- Fix: Add signing ID checks for critical binaries by @pmarkowsky in #164
- Enforce rule add checks on daemon by @mlw in #165
- Lockdown upgrade fix by @mlw in #166
- Fix upgrade rules teamid by @mlw in #167
- Rename migration plist due to tamper protection rules by @mlw in #168
- One more rename of the migration plist by @mlw in #169
Full Changelog: 2024.11...2024.12
v2024.11
Notes
Caution
Shortly after the release of v2024.11, an issue was identified that could affect users upgrading from v2024.10 while in Lockdown mode. This would leave users in a partially installed state where the older version of Santa was still running. In this state you may see Santa components being blocked. Please use v2024.12 instead.
Remediation Steps
Please see the posted announcement for how to remediate if you've installed v2024.11: #170
Original Notes:
If you're migrating from Google Santa, please see the Migration Guide for details on how to upgrade.
Santa documentation can be found at northpole.dev.
Fixed
❗ Fixed issue where <img> tags in custom messages (from BannedBlockMessage, UnknownBlockMessage and the like) were not rendered.
❗ General UI improvements to handle edge cases such as long filenames/paths and more localization.
Changed
The InvertProcessExceptions key in the File Access Authorization (FAA) config has been deprecated. Please switch to using the new RuleType key instead.
Santa services (including santasyncservice) now watch for config changes.
Events uploaded when EnableAllEventUpload is set now contain all signing information.
Added
➕ Beta support for the new Standalone Mode has been added. This mode operates like Lockdown mode, but allows the user to self-approve binaries via TouchID or password that aren't explicitly blocked.
➕ You now have more control over which event types are logged by using the Telemetry configuration key.
➕ Authentication events are now logged, including TouchID, OD, Smart Cards, and Watch unlock.
➕ santactl rule now supports the --comment flag, allowing you to specify arbitrary information about the rule (e.g. what it's for or why it was created).
What's Changed
- README: Put back the release icons by @russellhancox in #104
- GUI: Add localization for Open... button by @russellhancox in #105
- Add proto for new authentication events by @mlw in #106
- GUI: Prevent publisher from expanding UI too much by @russellhancox in #109
- UI: Make images work in messages again by @russellhancox in #114
- Subscribe to authentication event types and handle enrichment by @mlw in #107
- GUI: Add TextWithLimit to limit field sizes by @russellhancox in #116
- Add RuleType FAA config to replace InvertProcessExceptions by @mlw in #110
- Doc improvements by @lid in #48
- UI: Make Swift code use shared configurator by @russellhancox in #117
- GUI: Add SNTTestGUI for doing manual testing of the UI by @russellhancox in #119
- config: services now watch for config changes by @tburgin in #121
- santad: Better filter HTML in custom messages by @russellhancox in #122
- santad/santactl: Add comment field for rules, populate for manual rules by @russellhancox in #123
- Project: Remove unused integration test components by @russellhancox in #134
- GUI: Allow testing of special dates in TestGUI. by @russellhancox in #136
- Add string serialization for authentication events by @mlw in #135
- Support protobuf tests up to ES message version 8 by @mlw in #138
- Add protobuf serialization for new authentication events by @mlw in #139
- gui: Fix crash unwrapping optional in EventDetailURL by @russellhancox in #141
- Log code signing information for critical system binaries by @pmarkowsky in #143
- GUI: Fix rendering of long filenames in More Details by @russellhancox in #145
- Config: Add nullability annotations to configurator by @russellhancox in #146
- Change auth instigator trigger field names in proto schema by @mlw in #142
- Doc: Add paragraph on rule layering by @pmarkowsky in #147
- Configurable telemetry event filtering by @mlw in #149
- Update protos version to include the new sync fields by @pmarkowsky in #152
- Project: Update protos repo by @russellhancox in #153
- Fix: Database Rule Table Version number by @pmarkowsky in #154
- Tests: Simplify SNTRuleTableTest by @russellhancox in #155
- Standalone Mode (Beta) (1/3) by @pmarkowsky in #86
- standalone: Allow password fallback by @russellhancox in #159
- Project: Fix continuation indentation by @russellhancox in #160
New Contributors
Full Changelog: 2024.10...2024.11
v2024.10
Notes
This is the first release of North Pole Security Santa!
Please see the Migration Guide for details on how to upgrade from Google Santa.
Santa documentation is now hosted on northpole.dev.
Fixed
❗ Fixed bug where the "Code Signature Invalidated" telemetry event was never logged
❗ Fixed issue where File Access Authorization rule versions were displaying the wrong value in the UI
Changed
Added
➕ Details from the new blocked application dialog are now copyable
➕ Several new anti-tampering features were added to better protect Santa installs
➕ Localization is now supported. Initial languages include: German, Ukrainian and Russian. We'll be adding more over time. If you'd like to add support for a new language, we'd love to help you get started! Please open an issue and we can guide you through the process.
Other
Please note that Santa now has a new Bundle ID (com.northpolesec.santa) and TeamID (ZMCG7MLDV9). Signing IDs have also been updated to have the com.northpolesec.* prefix.
What's Changed
- change bundle id to com.northpolesec.* by @tburgin in #1
- Project: Update team ID wherever appropriate by @russellhancox in #4
- Add disclaimer by @pmarkowsky in #3
- Hook up CS INVALIDATED event by @mlw in #6
- cleanup legacy components by @tburgin in #7
- Fix tree aware clients handleContextMessage default return by @mlw in #17
- installer: support side-by-side install of NPS Santa [1/2] by @tburgin in #19
- installer: support side-by-side install of NPS Santa [2/3] by @tburgin in #20
- Revert "installer: support side-by-side install of NPS Santa [2/3] (#… by @tburgin in #26
- partial revert: installer: support side-by-side install of NPS Santa [1/2] by @tburgin in #27
- installer: generate migration pkg [1/2] by @tburgin in #28
- Project: Update notarization_tool.sh to take a key instead of username/password by @russellhancox in #31
- Update copyright statements for all binaries. by @pmarkowsky in #29
- installer: generate migration pkg [2/2] by @tburgin in #30
- Packaging: create package from files under RELEASE_ROOT by @russellhancox in #32
- package: fix migration file path by @tburgin in #33
- package: fix migration prefix and set -e by @tburgin in #34
- package: cleanup com.northpolesec.santa.migration folder by @tburgin in #35
- Packaging: Copy the pkg to the artifact dir by @russellhancox in #36
- Actions: Cache bazel between workflows to optimize usage by @russellhancox in #39
- santad: Stop preventing kextload of santa-driver by @russellhancox in #38
- santad: Prevent overwrites of Santa.app by @russellhancox in #37
- Add new install command by @mlw in #40
- package: tamper resistant install [1/2] by @tburgin in #41
- santad: Cleanup functions that were moved in a previous PR by @russellhancox in #43
- package: sysx install services [2/2] by @tburgin in #42
- Set associated BundleIDs in launchd plists by @mlw in #45
- Implement daemon install command by @mlw in #44
- build: fix bazel run :reload by @tburgin in #47
- tamper: prevent open as writable on protected files by @tburgin in #49
- Fix tamper tests, add tests for OPEN event and prefix paths by @mlw in #50
- Workflows: Use the runner OS as the key for disk caches by @russellhancox in #51
- Project: Use matrix.os as cache key instead of runner.os by @russellhancox in #52
- GUI: Re-write binary block window with SwiftUI [1/3] by @russellhancox in #46
- Project: Upgrade OCMock to v3.9.4, drop unused patches by @russellhancox in #57
- Project: Disable broken workflows by @russellhancox in #58
- GUI: Allow customization of silence period by @russellhancox in #54
- Sync: Migrate to using sync proto from northpolesec/protos by @russellhancox in #56
- GUI: Reduce icon saturation, add keyboard shortcuts as tooltips, move "Copy Details" by @russellhancox in #59
- GUI: Localization support by @russellhancox in #62
- GUI: Add selectable silence periods for FAA notifications by @russellhancox in #60
- GUI: Add support for German localization by @headmin in #63
- gui: fix publisher layout by @tburgin in #64
- tamper client: protect service configs by @tburgin in #55
- Localization: Don't use keys in strings in SNTBlockMessage. by @russellhancox in #66
- docs: Update santa-block.gif for new UI by @russellhancox in #68
- Prevent legacy service loads, cleanup legacy plists by @mlw in #65
- GUI: Refactor common UI elements into a single module. by @russellhancox in #67
- Set FAA per-rule version to the policy version by @mlw in #69
- gui: display bundle hashing progress by @tburgin in #71
- GUI: Update DeviceMessage to new UI by @russellhancox in #74
- Localization: Add script to regen and validate localizations by @russellhancox in #76
- Project: Disable pyink checks by @russellhancox in #77
- GUI: Updated support file for German localization by @headmin in #78
- docs: add a migration doc by @tburgin in #79
- Project: Cleanup trailing whitespace by @russellhancox in #80
- docs: Fix formatting in migration doc by @russellhancox in #82
- Minor cosmetic updates to migration doc by @mlw in #83
- docs: Fix a few typos in migration doc by @russellhancox in #84
- Fix typo in install command by @pmarkowsky in #85
- README: Some minor wording updates by @russellhancox in #87
- Project: When localization check fails, print a useful error by @russellhancox in #89
- Project: Ensure Swift code is properly formatted by @russellhancox in #88
- gui: do not add to recent applications by @tburgin in #90
- Address findings from migration testing by @mlw in #91
- Move away from /Library/Caches for migration by @mlw in #92
- gui: Make buttons the same width as the checkbox control by @russellhancox in #94
- Expose flushcache Command by @pmarkowsky in #95
- Only set AT_SYMLINK_NOFOLLOW_ANY on supported OS versions by @mlw in #98
- gui: Fix spacing around more details button on FAA dialog by @russellhancox in #97
- docs: add servicemanagement example profile by @tburgin in #99
- checkcache and flushcache are now hidden commands. Help text updates. by @mlw in #100
- gui: Add some date-based font shenanigans by @russellhancox in #96
- Make New Icons Meet Apple Guidelines by @pmarkowsky in #101
- gui: scale icon on window by @tburgin in #102
- Project: Add git commit to version output by @russellhancox in https://g...