github northpolesec/santa 2025.5
v2025.5
on GitHub

latest releases: 2025.8, 2025.7, 2025.6...
3 months ago

Notes

If you're migrating from Google Santa, please see the Migration Guide for details on how to upgrade.

Santa documentation has undergone a complete overhaul and can be found at northpole.dev.

Announcements

📣 macOS 12 is no longer supported
📣 We've created a Config Generator to help admins craft Santa configuration!
📣 Santa can now collect basic, non-identifying stats on an opt-in basis by setting the EnableStatsCollection configuration key to true. See our Stats documentation for complete details. Please consider opting in your organization to help us better maintain Santa for the whole community!

Fixed

❗ ClientMode change user notifications had empty messages
❗ Rule comments were being dropped when importing rules via santactl rule --import
❗ Bundle hashing could occur in the background even if not configured by the sync server

Changed

↔️ Glob expansion in FAA rules has been made more powerful. When possible, Santa will now opportunistically attempt to apply FAA rules with path globs to sub paths that might not yet exist. This replaces the previous behavior that worked like shell expansion and would only apply to paths that existed each time rules were reevaluated.
↔️ Changes to MachineID configuration now apply dynamically and don't require restarting the daemon
↔️ The sync server's EnableBundles setting is now stored with other sync variables so that the setting is maintained across daemon/system restarts and applied before the first Santa sync

Added

➕ The machine's SIP status has been added to the sync protocol's preflight requests
➕ Santa's "About" dialog has been redesigned and made more useful. Users can now trigger a sync or drag-and-drop an application to capture file info without having to interact with the command line. Drag and drop is also supported on the Dock icon if it is currently showing.
➕ Added the eventupload command to santactl to capture event details for a given application and send to the configured sync server. This is primarily useful for admins that want to ensure full application details exist on the server for applications that don't have an associated block rule and would not otherwise capture this information automatically.

What's Changed

  • docs: Replace docs with new docusaurus-based site by @russellhancox in #375
  • build(deps): bump the npm_and_yarn group across 1 directory with 3 updates by @dependabot in #376
  • Fixed up background apps plist example by @sysophost in #378
  • docs: Add algolia config by @russellhancox in #382
  • docs: highlight santa profile content, update sizing by @russellhancox in #381
  • docs: Add simple README by @russellhancox in #383
  • gui: Update about window with new design and default text by @russellhancox in #374
  • gui: Fix mode change notifications by @russellhancox in #380
  • Apply Machine ID config updates in real time by @mlw in #377
  • docs: update UUIDs in example profiles to be different than the old Google Santa profiles by @pmarkowsky in #384
  • Bump builds to C++20 by @mlw in #386
  • Address build issues with C++20 on older OS versions by @mlw in #387
  • sync: Populate sip_status field in Preflight by @russellhancox in #385
  • sync: Handle 'global' push notifications by @russellhancox in #390
  • Add Timer mixin, adopt in Logger class. by @mlw in #388
  • gui: Add 'sync' button to About window by @russellhancox in #389
  • Respect rule comments on import by @mlw in #391
  • build: Disable codesign timestamp for dev builds by @russellhancox in #392
  • Bump Bazel and module versions by @mlw in #396
  • Collect, open, and send telemetry files to sync service for processing by @mlw in #395
  • gui: allow drag & drop on about window or dock icon to get app details by @russellhancox in #398
  • build: Bump minimum macOS version to 13, document the policy by @russellhancox in #399
  • Remove run time and compile time checks for macOS 13 by @mlw in #400
  • Update how MOLXPCConnection tracks connections, vends proxy objects by @mlw in #401
  • FAA glob expansion enhancements by @mlw in #394
  • Standardize bazel module dependency naming style by @mlw in #403
  • gui: change button behavior during hashing by @russellhancox in #404
  • gui: Simplify display of bundle hash progress, animate disappearing by @russellhancox in #405
  • gui: don't show bundle hash view if bundle hashing is not needed by @russellhancox in #407
  • Update telemetry keys in docs by @mlw in #408
  • ci: Stop running on all branches by @russellhancox in #409
  • build(deps): bump estree-util-value-to-estree from 3.3.3 to 3.4.0 in /docs in the npm_and_yarn group across 1 directory by @dependabot in #411
  • docs: Add the beginning of the config generator by @russellhancox in #412
  • santactl: Fix misleading message from errSecCSInfoPlistFailed by @russellhancox in #413
  • Add EnableBundle sync config to sync state plist by @mlw in #414
  • santactl: add eventupload command by @tburgin in #410
  • bundle service: Adaptive priority by @tburgin in #415
  • gui: Fix and prevent crash formatting signing IDs by @russellhancox in #417
  • gui: Fix accessory/hide handling with multiple windows by @russellhancox in #418
  • gui: Move all activationPolicy changes into AppDelegate by @russellhancox in #419

New Contributors

Full Changelog: 2025.4...2025.5

Check out latest releases or
releases around northpolesec/santa 2025.5

Don't miss a new santa release

NewReleases is sending notifications on new releases.

Get notifications