v2024.11
Notes
Caution
Shortly after the release of v2024.11, an issue was identified that could affect users upgrading from v2024.10 while in Lockdown mode. This would leave users in a partially installed state where the older version of Santa was still running. In this state you may see Santa components being blocked. Please use v2024.12 instead.
Remediation Steps
Please see the posted announcement for how to remediate if you've installed v2024.11: #170
Original Notes:
If you're migrating from Google Santa, please see the Migration Guide for details on how to upgrade.
Santa documentation can be found at northpole.dev.
Fixed
❗ Fixed issue where <img> tags in custom messages (from BannedBlockMessage, UnknownBlockMessage and the like) were not rendered.
❗ General UI improvements to handle edge cases such as long filenames/paths and more localization.
Changed
InvertProcessExceptions key in the File Access Authorization (FAA) config has been deprecated. Please switch to using the new RuleType key instead.
santasyncservice) now watch for config changes.
EnableAllEventUpload is set now contain all signing information
Added
➕ Beta support for the new Standalone Mode has been added. This mode operates like Lockdown mode, but allows the user to self-approve binaries via TouchID or password that aren't explicitly blocked.
➕ You now have more control over which events types are logged by using the Telemetry configuration key.
➕ Authentication events are now logged, including TouchID, OD, Smart Cards, and Watch unlock.
➕ santactl rule now supports the --comment flag allowing you to specify arbitrary information about the rule (e.g. what it's for or why it was created.
What's Changed
- README: Put back the release icons by @russellhancox in #104
- GUI: Add localization for Open... button by @russellhancox in #105
- Add proto for new authentication events by @mlw in #106
- GUI: Prevent publisher from expanding UI too much by @russellhancox in #109
- UI: Make images work in messages again by @russellhancox in #114
- Subscribe to authentication event types and handle enrichment by @mlw in #107
- GUI: Add TextWithLimit to limit field sizes by @russellhancox in #116
- Add RuleType FAA config to replace InvertProcessExceptions by @mlw in #110
- Doc improvements by @lid in #48
- UI: Make Swift code use shared configurator by @russellhancox in #117
- GUI: Add SNTTestGUI for doing manual testing of the UI by @russellhancox in #119
- config: services now watch for config changes by @tburgin in #121
- santad: Better filter HTML in custom messages by @russellhancox in #122
- santad/santactl: Add comment field for rules, populate for manual rules by @russellhancox in #123
- Project: Remove unused integration test components by @russellhancox in #134
- GUI: Allow testing of special dates in TestGUI. by @russellhancox in #136
- Add string serialization for authentication events by @mlw in #135
- Support protobuf tests up to ES message version 8 by @mlw in #138
- Add protobuf serialization for new authentication events by @mlw in #139
- gui: Fix crash unwrapping optional in EventDetailURL by @russellhancox in #141
- Log code signing information for critical system binaries by @pmarkowsky in #143
- GUI: Fix rendering of long filenames in More Details by @russellhancox in #145
- Config: Add nullability annotations to configurator by @russellhancox in #146
- Change auth instigator trigger field names in proto schema by @mlw in #142
- Doc: Add paragraph on rule layering by @pmarkowsky in #147
- Configurable telemetry event filtering by @mlw in #149
- Update protos version to include the new sync fields by @pmarkowsky in #152
- Project: Update protos repo by @russellhancox in #153
- Fix: Database Rule Table Version number by @pmarkowsky in #154
- Tests: Simplify SNTRuleTableTest by @russellhancox in #155
- Standalone Mode (Beta) (1/3) by @pmarkowsky in #86
- standalone: Allow password fallback by @russellhancox in #159
- Project: Fix continuation indentation by @russellhancox in #160
New Contributors
Full Changelog: 2024.10...2024.11
