Skip to content

v0.0.8-alpha

Choose a tag to compare

View all tags
@cocopuff2u cocopuff2u released this 23 Dec 12:17
· 31 commits to main since this release
v0.0.8-alpha
d395100

Main App Changes

  • Added GitHub-based Auto-Update System to streamline application updates

    • Checks for updates automatically on app launch
    • Manual check available via menu bar (MACE > Check for Updates...)
    • Supports Alpha, Beta, and Stable release channels (configurable in Settings)
    • Default channel is Alpha until official stable/beta releases
    • Allows switching between channels with automatic update detection
    • Supports both upgrades and downgrades when changing release channels
    • Automatic updates keep users on the bleeding edge with less manual effort

    Installation Context Handling:

    • User-installed (e.g., ~/Applications) — Updates install automatically without prompts
    • Admin-installed (e.g., /Applications with root ownership) — Prompts for administrator password via secure AppleScript dialog
    • MDM-deployed — A script will be provided in the future to keep the app up to date for MDM-deployed workflows

    Security Measures:

    • Code Signature Verification — Validates the downloaded app using codesign --verify --deep --strict
    • Team ID Verification — Ensures updates are signed by the same developer (prevents supply chain attacks)
    • Apple Notarization Check — Verifies Apple has scanned the app for malware via spctl
    • HTTPS Only — All downloads fetched securely from GitHub Releases
    • No HTTP Caching — Fresh network requests prevent stale/tampered cached responses

Compliance Editor Changes

No changes

Audit Builder Hub Changes

Security Measures:

  • Added a confirmation dialog before running audit checks
    • Warns users that shell scripts from rule files (including custom rules) will be executed
  • Added a privileged helper to run audit checks as root
    • Required for certain security rules that need access to protected system settings
  • Users can choose how the privileged helper is handled:
    • This Session Only — Helper is removed when the audit is closed
    • Keep Installed — Helper remains installed and avoids future prompts
    • Both options require an administrator password

Documentation Builder Hub Changes

No changes

Rule Builder Hub Changes

No changes

Assets 4
Loading