Skip to content

v2023.5

Compare
Choose a tag to compare
@mlw mlw released this 01 Jun 18:27
5307bd9

Notes

➕ Santa now supports Signing ID rule types. See full documentation on santa.dev.

➕ File Access Authorization configuration now supports inverting the exception list in order to specify the processes that should be denied (or audited) instead of allowed.

What's Changed

  • Clarify that execution_time is a float64 by @jasonmc in #1080
  • Fix documentation for clean sync field in the preflight request. by @faizanrashid in #1082
  • Switch SNTEventState to uint64_t, reposition flag values and masks by @mlw in #1086
  • Add support to file monitoring config to invert process exceptions by @mlw in #1083
  • Inject additional dependencies into the serializers by @mlw in #1078
  • Docs: Added instructions for how to use config-overrides.plist by @pmarkowsky in #1077
  • santactl/rule: Fix --path argument by @russellhancox in #1089
  • Don't establish the FAA client pre-macOS 13 by @mlw in #1091
  • Return unique_ptr from Enrich instead of shared_ptr by @mlw in #1093
  • Stop unmuting the default mute set unnecessarily. by @mlw in #1095 (fixes: #1094)
  • Add new rule type for Signing IDs by @mlw in #1090
  • docs: Update vulnerability reporting instructions by @russellhancox in #1098
  • Handle database downgrade scenarios gracefully by @mlw in #1099
  • Fix precedence for static rule evaluation, santactl fileinfo output by @mlw in #1100

New Contributors

Full Changelog: 2023.4...2023.5