v2023.5

Notes

➕ Santa now supports Signing ID rule types. See full documentation on santa.dev.

➕ File Access Authorization configuration now supports inverting the exception list in order to specify the processes that should be denied (or audited) instead of allowed.

What's Changed

• Clarify that execution_time is a float64 by @jasonmc in #1080
• Fix documentation for clean sync field in the preflight request. by @faizanrashid in #1082
• Switch SNTEventState to uint64_t, reposition flag values and masks by @mlw in #1086
• Add support to file monitoring config to invert process exceptions by @mlw in #1083
• Inject additional dependencies into the serializers by @mlw in #1078
• Docs: Added instructions for how to use config-overrides.plist by @pmarkowsky in #1077
• santactl/rule: Fix --path argument by @russellhancox in #1089
• Don't establish the FAA client pre-macOS 13 by @mlw in #1091
• Return unique_ptr from Enrich instead of shared_ptr by @mlw in #1093
• Stop unmuting the default mute set unnecessarily. by @mlw in #1095 (fixes: #1094)
• Add new rule type for Signing IDs by @mlw in #1090
• docs: Update vulnerability reporting instructions by @russellhancox in #1098
• Handle database downgrade scenarios gracefully by @mlw in #1099
• Fix precedence for static rule evaluation, santactl fileinfo output by @mlw in #1100

New Contributors

• @jasonmc made their first contribution in #1080
• @faizanrashid made their first contribution in #1082

Full Changelog: 2023.4...2023.5

v2023.4

Notes

❗ The EnableBackwardsCompatibleContentEncoding config key has been removed. We were not aware of any sync servers requiring this key; please contact us if you were using it and need an equivalent to be added.

➕ A new config key, SyncClientContentEncoding has been added to allow switching from the default deflate to gzip. This new option doesn't improve compression but is required for some servers to support compression.

➕ A new config key, EnableSilentTTYMode has been added, that allows disabling notifications from Santa to be posted in a user's terminal session.

What's Changed

• GUI: Device event window, handle empty remount args by @russellhancox in #1066
• sync: Add more complete XSSI prefix to be stripped. by @russellhancox in #1068
• Fix string length issues by @mlw in #1070
• config: Add EnableSilentTTYMode key to disable TTY notifications. by @russellhancox in #1072
• Ensure unmount always flushes appropriate caches by @mlw in #1073
• Cache flush metrics by @mlw in #1074
• README: Add more badges by @russellhancox in #1075
• Make the sync client content encoding a tunable by @pmarkowsky in #1076
• One more TSAN fix by @kallsyms in #1079
• sync: Permit XSRF header between sync stages/sessions by @russellhancox in #1081

Full Changelog: 2023.3...2023.4

v2023.3

What's Changed

• santactl/rule: Validate identifier is a valid SHA-256 for binary/cert rules by @russellhancox in #1045
• Config: Ignore static rules with an invalid identifier by @russellhancox in #1049
• metrics: Properly report "file access client enabled" metrics by @mlw in #1051
• chore(ci): Upgrade workflows to non-deprecated runtimes by @dev-slatto in #1052
• Basic rate limiting for File Access Authorizer by @mlw in #1053
• config: Support filesystem monitoring config embedded in main Santa config by @mlw in #1054
• [BUGFIX] Fix SD Card Block not operating on Internal SD Card Readers by @liamn in #1055
• test: Fix a couple last TSAN failures by @kallsyms in #1056
• docs: Document SigningID and PlatformBinary exception keys by @mlw in #1059
• sync: Allow server to override the header for transmitting XSRF tokens by @russellhancox in #1060
• sync: Fix case of empty header name by @russellhancox in #1062
• protolog: Change types of repeated args and envs fields by @mlw in #1063

New Contributors

• @dev-slatto made their first contribution in #1052

Full Changelog: 2023.2...2023.3

v2023.2

Notes

• Many improvements to the File Access Authorization feature, which remains in BETA.
• Platform binaries can now be excluded from authorization checks in FAA
• Several performance improvements

What's Changed

• GUI: Re-write AboutWindow view in SwiftUI by @russellhancox in #1007
• shadow rules_python for fuzzing by @kallsyms in #1009
• GUI: Migrate DeviceMessageWindow to SwiftUI by @russellhancox in #1010
• Ensure watch item names conform to naming requirements by @mlw in #1011
• Reduce proto warning severity by @mlw in #1012
• Reduce calls into configurator by @mlw in #1013
• Project: Fix module maps for swift libraries and their dependencies by @russellhancox in #1014
• Remove extra expectation in test by @mlw in #1015
• Add new continuous test run with various sanitizers by @kallsyms in #1016
• Log type metrics by @mlw in #1018
• Initial docs for file access auth feature by @mlw in #1017
• Fsmon docs table width by @mlw in #1020
• Try with more vertical space by @mlw in #1021
• docs: Support wider pages, fix syntax highlighting of plist by @russellhancox in #1022
• Remove Default column by @mlw in #1024
• add updated description by @headmin in #1023
• docs: fix width of sidebar on larger windows by @russellhancox in #1025
• Fix team ID and signing ID checks by @mlw in #1026
• Fix: Rewrite the SNTMetricHTTPWriter to avoid potential stack corruption by @pmarkowsky in #1019
• Perf: Translocate cache, reserve proto repeated fields by @mlw in #1027
• Use cached sizes when serializing by @mlw in #1028
• Rework timeout handling in metrics HTTP writer by @mlw in #1029
• Restart daemon on log type change by @mlw in #1031
• santactl & syncservice: Use synchronousRemoteObjectProxy where it makes sense by @russellhancox in #1033
• Configurator: Return an unsafe_unretained pointer to avoid needless retain/release by @russellhancox in #1035
• Replace SNTDecisionCache dictionary with SantaCache by @mlw in #1034
• Report log type in santactl status by @mlw in #1036
• Small test fixes to make sanitizers happy by @kallsyms in #1030
• Fix: correct sync protocol diagram by @pmarkowsky in #1037
• Clear ES cache when watch items change by @mlw in #1042
• Add support for platform binary to process exceptions by @mlw in #1041
• Add basic metrics to report when the FAM client is enabled by @mlw in #1043

Full Changelog: 2023.1...2023.2

v2023.1

Notes

• Dropped support for macOS 10.15, minimum version is now macOS 11.
• (BETA) Added file access authorization feature, docs at https://santa.dev/deployment/file-access-auth
• USB blocking will now also block SD cards (thanks @liamn)
• sync: Improved debug output when auth fails
• Improved reliability in reconnecting sync and metrics daemons
• Several performance improvements

What's Changed

• docs: Fix typo in sync-protocol, h/t to @maxwbuckley by @russellhancox in #940
• docs: Update keyserver address in SECURITY by @russellhancox in #941
• Rename santa_vnode_id_t to SantaVnode by @mlw in #943
• Switch from task_info to libproc for system resource info by @mlw in #939
• Drop macOS 10.15 by @mlw in #944
• Remove SNTCommon by @mlw in #945
• Include SD Card Mounting in the USB Block Functionality by @liamn in #938
• Watch items by @mlw in #937
• Tests: Fix some assertions comparing strings by @russellhancox in #947
• santad: Change workaround for glob header with blocks by @russellhancox in #948
• Initial work for File Access Authorizer Client by @mlw in #949
• Draft proto for new FileAccess log by @mlw in #952
• FS Access Config Version, Policy decision enums by @mlw in #951
• Import fix by @mlw in #953
• pemdas by @mlw in #955
• Config: In debug builds, allow config to be overridden from a plist file. by @russellhancox in #957
• Tests: Fix SNTEndpointSecurityFileAccessAuthorizerTest by @russellhancox in #958
• Dynamically enable/disable FS Access client based on config by @mlw in #959
• Use the appropriate variable when asynchronously processing auth messages by @mlw in #961
• Enrich file access events, prepare for logging by @mlw in #962
• santad: Flush cache when StaticRules are changed by @russellhancox in #963
• Serialize File Access events by @mlw in #964
• Introduce end-to-end testing by @kallsyms in #919
• Lint the E2E start-vm Python script by @kallsyms in #965
• Fix message lifetime by @mlw in #966
• Use absl_guarded_by instead of guarded_by by @kallsyms in #967
• Track path types for current/new watch items by @mlw in #968
• Fix import issues by @mlw in #969
• Update LICENSE for VM code by @kallsyms in #970
• Address policy consistency issues by @mlw in #971
• sync: Fix deduplication in reachability handler by @russellhancox in #973
• Fix golden test data for macOS 13 by @mlw in #972
• Project: Upgrade MOLAuthenticatingURLSession to v3.1 by @russellhancox in #974
• Adopt new ES APIs to monitor target paths by @mlw in #975
• Revitalize Fuzzing by @kallsyms in #976
• Fix import: Add build targets, lint by @mlw in #978
• Allstar: Add fuzzing artifact by @russellhancox in #980
• Fix SNTFileInfoTest for macOS 13 by @pmarkowsky in #977
• Fix loop when no override config is specified by @kallsyms in #981
• Run fuzzing in a VM by @kallsyms in #982
• Use new public api for booting VM into recoveryOS by @kallsyms in #983
• Adopt new ES APIs to watch target paths in tamper client by @mlw in #984
• Fix SNTFileInfo Fuzzing by @kallsyms in #985
• Fix nightly run cron specification by @kallsyms in #986
• Opportunistically use ES cache when possible by @mlw in #989
• Fuzz embedded plist reading by @kallsyms in #990
• Add more event coverage in the file access client by @mlw in #991
• More event type support by @mlw in #992
• lower fuzz case timeout to 5s by @kallsyms in #993
• Change name of santa config keys for file access monitoring by @mlw in #995
• docs: Fix deployment/configuration doc by @russellhancox in #996
• Add policy version and name to basic string serializer by @mlw in #997
• Adopt new FS Access Auth config format and policy application logic by @mlw in #994
• Support configuring signing IDs for process exceptions by @mlw in #998
• Rename type aliases by @mlw in #999
• Add watch item state to santactl status by @mlw in #1000
• Reconnect to santametrics service on failure by @kallsyms in #1001
• Configurator: Apply config updates in non-daemon processes by @russellhancox in #1003
• Low hanging fruit perf changes by @mlw in #1004
• Prevent recursive reconnect attempts by @mlw in #1005
• Revert "Configurator: Apply config updates in non-daemon processes" by @russellhancox in #1008

New Contributors

• @liamn made their first contribution in #938

Full Changelog: 2022.11...2023.1

v2022.11

What's Changed

• Docs: Fix type of {allowed,blocked}_path_regex keys in preflight by @russellhancox in #934
• Prefix tree updates by @mlw in #931
• GUI: Fix distributed notifications in silent mode by @russellhancox in #936

Full Changelog: 2022.10...2022.11

v2022.10

Notes

• Re-added the protobuf value for the EventLogTypeconfiguration key. This key remains a BETA and should not be used in production as changes are still being made.
• The block_usb_mount and remount_usb_mode keys can now correctly be synchronized from a server.
• The EnableSilentMode key for the GUI has been fixed. Note: enabling silent mode currently breaks distributed notifications; this is fixed in the 2022.11 release, which should be published within 2 weeks.**

What's Changed

• Make SNTCommonEnums a textual header by @itf in #896
• Proto serializer by @mlw in #897
• Fsspool adopt by @mlw in #900
• Fix USB config sync by @np5 in #890
• Machine id proto by @mlw in #907
• Spool writer by @mlw in #908
• Proto minimization by @mlw in #909
• USB: usbBlockMessage is not being used. by @videlanicolas in #915
• Fix issue with transposed remount/banned block messages by @mlw in #917
• Fix: duplicates bug in SNTMetricSet when using multiple fields by @pmarkowsky in #920
• Event metrics by @mlw in #918
• Fix issue in test that would crash on some platforms by @mlw in #922
• Change order that ES clients are enabled by @mlw in #923
• Update Known Limitations for USB Mass Storage Blocking by @pmarkowsky in #924
• GUI: Fix EnableSilentMode key by @russellhancox in #927
• metrics and logging cleanup by @mlw in #928
• Update spool to flush on size thresholds instead of batch counts by @mlw in #930
• Don't add messages when accumulated bytes exceeds threshold by @mlw in #932

Build fixes

• Import fixes by @mlw in #902
• More import fixes by @mlw in #904
• Update include paths and add include guard by @mlw in #905
• Update build docs. by @mlw in #911
• Change include to import by @mlw in #912
• Various changes to fix import by @mlw in #913
• Fix some more includes by @mlw in #914
• More import fixes by @mlw in #921

New Contributors

• @itf made their first contribution in #896
• @videlanicolas made their first contribution in #915

Full Changelog: 2022.9...2022.10

v2022.9

Notes

• This release includes a major overhaul of Santa internals, primarily its logging subsystem and how it interacts with the EndpointSecurity framework to receive events.
• The beta protobuf value for the EventLogType configuration key is not supported in this release.
• The EnableSysxCache configuration key has been removed. There is no longer an option to disable response caching within Santa.

What's Changed

• README: Fix logo link, remove coverage badge by @russellhancox in #882
• README: Try again, this time replacing the correct bit by @russellhancox in #883
• Allstar: Pre-emptively check-in binary_artifacts.yaml to exclude test binaries by @russellhancox in #884
• Refactor the SNTApplicationTest unit tests to function correctly by @pmarkowsky in #885
• Project: Update bazel and apple-rules by @russellhancox in #887
• ES and Logging Interfaces Redesign by @mlw in #888
• Ingestion fixups by @mlw in #891
• Linter and BUILD deps fixups by @mlw in #892
• Build deps by @mlw in #893
• Return a value from the test block by @mlw in #894
• Fix crash flushing cache on unmount events by @mlw in #895

Full Changelog: 2022.8...2022.9

v2022.8

Notes

• Sync state plist is no longer world-readable
• GUI now shows team ID for App Store apps
• Added EnableSilentMode configuration option to disable GUI notifications
• Santa now posts NSDistributedNotificationCenter notifications for block events

What's Changed

• Sync state plist | only allow santad read+write permissions by @bfreezy in #858
• Docs: Add recommended rollout doc by @kathancox in #861
• syncservice: Add tests for NSData+Zlib and Postflight by @russellhancox in #864
• Sync Protocol Docs by @pmarkowsky in #860
• Docs: Add StaticRules to example mobileconfig by @russellhancox in #866
• add link to GitHub in docs by @headmin in #868
• GUI: For App Store published apps, include team ID. by @russellhancox in #872
• GUI: Add silent mode configuration option. by @russellhancox in #871
• Santa: Post distributed notification when showing block UI by @russellhancox in #870
• GUI: Improve signing chain key reporting in distributed notifications. by @russellhancox in #874
• Project: Add a GH action to prevent trailing whitespace by @russellhancox in #873
• GUI: Expose SNTNotificationManager.h for the test. by @russellhancox in #875
• GUI: Missed a required dependency by @russellhancox in #876
• Project: Rename Source/santa -> Source/gui by @russellhancox in #877
• Fix up endTimestamp to be Monarch compliant by @pmarkowsky in #879

Full Changelog: 2022.7...2022.8

v2022.7

Notes

• This release adds Static Rules, which can be used to either manage rules using an MDM or for managing a fallback set of rules in case an issue occurs with a configured sync server.
• Event uploads and logs now include the team ID
• An option to disable event uploads for unknown binaries was added

What's Changed

• Readme: http -> https link by @case in #829
• Add team ID to synced events by @np5 in #827
• Project: Upgrade bazel rules_apple to 1.0.1 release by @russellhancox in #830
• Docs: Add gemfile for running jekyll locally. by @russellhancox in #834
• Use the message copy in the dispatch blocks by @mlw in #839
• adhoc build and run santa by @tburgin in #840
• Docs: Updated home page with README files & nav changes by @kathancox in #841
• CI: Make CI workflow only run on source changes by @russellhancox in #843
• Project: Delete tulsiproj, add basic doc about hedron by @russellhancox in #845
• santad: Allow configuring a static set of rules via configuration profile by @russellhancox in #846
• santad: Improve caching of static rules by @russellhancox in #847
• santasyncservice: Keep XSRF token in memory, don't send to daemon by @russellhancox in #851
• santad: Fix re-establishment of syncservice connection by @russellhancox in #849
• santactl/status: Fix printing of static rules by @russellhancox in #848
• santad: Add DisableUnknownEventUpload option. by @russellhancox in #852
• santad: Log team ID in execution logs, where available by @russellhancox in #850
• Ensure KVO works for USB config options by @pmarkowsky in #853
• Added quick getting started page for deployments by @kathancox in #855
• Add sync server list by @kathancox in #856
• Tests: Fix un-needed expectation in SNTExecutionControllerTest.allEve… by @russellhancox in #857

New Contributors

• @case made their first contribution in #829
• @kathancox made their first contribution in #841

Full Changelog: 2022.6...2022.7