Skip to content

Commit

Permalink
Merge pull request #614 from macadmins/development
Browse files Browse the repository at this point in the history
v2.0.5
  • Loading branch information
erikng authored Jul 25, 2024
2 parents 89f000e + 500e317 commit c208c8a
Show file tree
Hide file tree
Showing 13 changed files with 209 additions and 45 deletions.
8 changes: 4 additions & 4 deletions .github/workflows/build_nudge_pr.yml
Original file line number Diff line number Diff line change
Expand Up @@ -11,20 +11,20 @@ jobs:

steps:
- name: Checkout nudge repo
uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
ref: ${{ github.event.pull_request.head.sha }}
fetch-depth: 0

- name: Install Apple Xcode certificates
uses: apple-actions/import-codesign-certs@8f3fb608891dd2244cdab3d69cd68c0d37a7fe93 # v2.0.0
uses: apple-actions/import-codesign-certs@63fff01cd422d4b7b855d40ca1e9d34d2de9427d # v3.0.0
with:
keychain-password: ${{ github.run_id }}
p12-file-base64: ${{ secrets.APP_CERTIFICATES_P12_MAOS }}
p12-password: ${{ secrets.APP_CERTIFICATES_P12_PASSWORD_MAOS }}

- name: Install Apple Installer certificates
uses: apple-actions/import-codesign-certs@8f3fb608891dd2244cdab3d69cd68c0d37a7fe93 # v2.0.0
uses: apple-actions/import-codesign-certs@63fff01cd422d4b7b855d40ca1e9d34d2de9427d # v3.0.0
with:
create-keychain: false # do not create a new keychain for this value
keychain-password: ${{ github.run_id }}
Expand All @@ -41,7 +41,7 @@ jobs:
echo "NUDGE_MAIN_VERSION=$(/bin/cat ./build_info_main.txt)" >> $GITHUB_ENV
- name: Upload zip archive
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
with:
name: packages
path: outputs/
Expand Down
8 changes: 4 additions & 4 deletions .github/workflows/build_nudge_prerelease.yml
Original file line number Diff line number Diff line change
Expand Up @@ -19,19 +19,19 @@ jobs:

steps:
- name: Checkout nudge repo
uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
fetch-depth: 0

- name: Install Apple Xcode certificates
uses: apple-actions/import-codesign-certs@8f3fb608891dd2244cdab3d69cd68c0d37a7fe93 # v2.0.0
uses: apple-actions/import-codesign-certs@63fff01cd422d4b7b855d40ca1e9d34d2de9427d # v3.0.0
with:
keychain-password: ${{ github.run_id }}
p12-file-base64: ${{ secrets.APP_CERTIFICATES_P12_MAOS }}
p12-password: ${{ secrets.APP_CERTIFICATES_P12_PASSWORD_MAOS }}

- name: Install Apple Installer certificates
uses: apple-actions/import-codesign-certs@8f3fb608891dd2244cdab3d69cd68c0d37a7fe93 # v2.0.0
uses: apple-actions/import-codesign-certs@63fff01cd422d4b7b855d40ca1e9d34d2de9427d # v3.0.0
with:
create-keychain: false # do not create a new keychain for this value
keychain-password: ${{ github.run_id }}
Expand Down Expand Up @@ -89,7 +89,7 @@ jobs:
files: ${{github.workspace}}/outputs/*.pkg

- name: Upload packages
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
with:
name: packages
path: outputs/
8 changes: 4 additions & 4 deletions .github/workflows/build_nudge_prerelease_manual.yml
Original file line number Diff line number Diff line change
Expand Up @@ -11,19 +11,19 @@ jobs:

steps:
- name: Checkout nudge repo
uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
fetch-depth: 0

- name: Install Apple Xcode certificates
uses: apple-actions/import-codesign-certs@8f3fb608891dd2244cdab3d69cd68c0d37a7fe93 # v2.0.0
uses: apple-actions/import-codesign-certs@63fff01cd422d4b7b855d40ca1e9d34d2de9427d # v3.0.0
with:
keychain-password: ${{ github.run_id }}
p12-file-base64: ${{ secrets.APP_CERTIFICATES_P12_MAOS }}
p12-password: ${{ secrets.APP_CERTIFICATES_P12_PASSWORD_MAOS }}

- name: Install Apple Installer certificates
uses: apple-actions/import-codesign-certs@8f3fb608891dd2244cdab3d69cd68c0d37a7fe93 # v2.0.0
uses: apple-actions/import-codesign-certs@63fff01cd422d4b7b855d40ca1e9d34d2de9427d # v3.0.0
with:
create-keychain: false # do not create a new keychain for this value
keychain-password: ${{ github.run_id }}
Expand Down Expand Up @@ -81,7 +81,7 @@ jobs:
files: ${{github.workspace}}/outputs/*.pkg

- name: Upload packages
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
with:
name: packages
path: outputs/
8 changes: 4 additions & 4 deletions .github/workflows/build_nudge_release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -19,19 +19,19 @@ jobs:

steps:
- name: Checkout nudge repo
uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
fetch-depth: 0

- name: Install Apple Xcode certificates
uses: apple-actions/import-codesign-certs@8f3fb608891dd2244cdab3d69cd68c0d37a7fe93 # v2.0.0
uses: apple-actions/import-codesign-certs@63fff01cd422d4b7b855d40ca1e9d34d2de9427d # v3.0.0
with:
keychain-password: ${{ github.run_id }}
p12-file-base64: ${{ secrets.APP_CERTIFICATES_P12_MAOS }}
p12-password: ${{ secrets.APP_CERTIFICATES_P12_PASSWORD_MAOS }}

- name: Install Apple Installer certificates
uses: apple-actions/import-codesign-certs@8f3fb608891dd2244cdab3d69cd68c0d37a7fe93 # v2.0.0
uses: apple-actions/import-codesign-certs@63fff01cd422d4b7b855d40ca1e9d34d2de9427d # v3.0.0
with:
create-keychain: false # do not create a new keychain for this value
keychain-password: ${{ github.run_id }}
Expand Down Expand Up @@ -89,7 +89,7 @@ jobs:
files: ${{github.workspace}}/outputs/*.pkg

- name: Upload packages
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
with:
name: packages
path: outputs/
8 changes: 4 additions & 4 deletions .github/workflows/build_nudge_release_manual.yml
Original file line number Diff line number Diff line change
Expand Up @@ -11,19 +11,19 @@ jobs:

steps:
- name: Checkout nudge repo
uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
fetch-depth: 0

- name: Install Apple Xcode certificates
uses: apple-actions/import-codesign-certs@8f3fb608891dd2244cdab3d69cd68c0d37a7fe93 # v2.0.0
uses: apple-actions/import-codesign-certs@63fff01cd422d4b7b855d40ca1e9d34d2de9427d # v3.0.0
with:
keychain-password: ${{ github.run_id }}
p12-file-base64: ${{ secrets.APP_CERTIFICATES_P12_MAOS }}
p12-password: ${{ secrets.APP_CERTIFICATES_P12_PASSWORD_MAOS }}

- name: Install Apple Installer certificates
uses: apple-actions/import-codesign-certs@8f3fb608891dd2244cdab3d69cd68c0d37a7fe93 # v2.0.0
uses: apple-actions/import-codesign-certs@63fff01cd422d4b7b855d40ca1e9d34d2de9427d # v3.0.0
with:
create-keychain: false # do not create a new keychain for this value
keychain-password: ${{ github.run_id }}
Expand Down Expand Up @@ -81,7 +81,7 @@ jobs:
files: ${{github.workspace}}/outputs/*.pkg

- name: Upload packages
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
with:
name: packages
path: outputs/
37 changes: 37 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,43 @@ All notable changes to this project will be documented in this file.
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).

## [2.0.5] - 2024-07-24
Requires macOS 12.0 and higher.

### Added
- To artificially change the `requredInstallationDate` to honor a previous macOS minor version, set `minorVersionRecalculationThreshold` under `osVersionRequirement` in amount of minor versions.
- Ex: `minorVersionRecalculationThreshold` is set to 1 and SOFA feed has macOS 14.5 available
- macOS device is 14.0: Required OS: 14.5 - Target macOS 14.4.1 requiredInstallationDate of 2024-04-08 00:00:00 +0000
- macOS device is 14.1: Required OS: 14.5 - Target macOS 14.4.1 requiredInstallationDate of 2024-04-08 00:00:00 +0000
- macOS device is 14.2: Required OS: 14.5 - Target macOS 14.4.1 requiredInstallationDate of 2024-04-08 00:00:00 +0000
- macOS device is 14.3: Required OS: 14.5 - Target macOS 14.4.1 requiredInstallationDate of 2024-04-08 00:00:00 +0000
- macOS device is 14.4: Required OS: 14.5 - Target macOS 14.4.1 requiredInstallationDate of 2024-04-08 00:00:00 +0000
- macOS device is 14.4.1: Required OS: 14.5 - Target macOS 14.4.1 requiredInstallationDate of 2024-04-15 00:00:00 +0000
- This device's requiredInstallationDate is different than the others as there is no active exploit on 14.4.1
- macOS device is 14.5: Required OS: 14.5 - Fully updated
- Ex: `minorVersionRecalculationThreshold` is set to 2 and SOFA feed has macOS 14.5 available
- macOS device is 14.0: Required OS: 14.5 - Target macOS 14.4 requiredInstallationDate of 2024-03-21 00:00:00 +0000
- macOS device is 14.1: Required OS: 14.5 - Target macOS 14.4 requiredInstallationDate of 2024-03-21 00:00:00 +0000
- macOS device is 14.2: Required OS: 14.5 - Target macOS 14.4 requiredInstallationDate of 2024-03-21 00:00:00 +0000
- macOS device is 14.3: Required OS: 14.5 - Target macOS 14.4 requiredInstallationDate of 2024-03-21 00:00:00 +0000
- macOS device is 14.4: Required OS: 14.5 - Target macOS 14.4 requiredInstallationDate of 2024-03-21 00:00:00 +0000
- macOS device is 14.4.1: Required OS: 14.5 - Target macOS 14.4.1 requiredInstallationDate of 2024-04-15 00:00:00 +0000
- macOS device is 14.5: Required OS: 14.5 - Fully updated
- Addresses [612](https://github.com/macadmins/nudge/issues/612)

### Changed
- The `Actively Exploited` logic internally within Nudge and the UI on the left sidebar will show `True` if any previous updates missing on the device had active exploits.
- **WARNNG BREAKING CHANGE** - This changes the SLA computation and will result in a different `requiredInstallationDate` than offered in Nudge v2.0 -> v2.01.
- Ex: Device is on 14.3 and needing to go to 14.5.
- While 14.4.1 -> 14.5 are not under active exploit, 14.4 contains fixes for 14.3 that were under active exploit.
- Addresses [610](https://github.com/macadmins/nudge/issues/610) and [613](https://github.com/macadmins/nudge/issues/613)
- When `showRequiredDate` is set to `True` and the admin is using the default values for `requiredInstallationDisplayFormat`, Nudge will attempt to understand the current locale and display the menu item appropriately.
- Addresses [615](https://github.com/macadmins/nudge/issues/615)

### Fixed
- Several components in the Github Actions were triggering deprecation warnings. These have been addressed by updating to the latest version of these components
- Addresses [616](https://github.com/macadmins/nudge/issues/616)

## [2.0.4] - 2024-07-23
Requires macOS 12.0 and higher.

Expand Down
4 changes: 2 additions & 2 deletions Nudge.xcodeproj/project.pbxproj
Original file line number Diff line number Diff line change
Expand Up @@ -698,7 +698,7 @@
"@executable_path/../Frameworks",
);
MACOSX_DEPLOYMENT_TARGET = 12.0;
MARKETING_VERSION = 2.0.4;
MARKETING_VERSION = 2.0.5;
PRODUCT_BUNDLE_IDENTIFIER = com.github.macadmins.Nudge;
PRODUCT_NAME = "$(TARGET_NAME)";
PROVISIONING_PROFILE_SPECIFIER = "";
Expand Down Expand Up @@ -729,7 +729,7 @@
"@executable_path/../Frameworks",
);
MACOSX_DEPLOYMENT_TARGET = 12.0;
MARKETING_VERSION = 2.0.4;
MARKETING_VERSION = 2.0.5;
PRODUCT_BUNDLE_IDENTIFIER = com.github.macadmins.Nudge;
PRODUCT_NAME = "$(TARGET_NAME)";
PROVISIONING_PROFILE_SPECIFIER = "";
Expand Down
4 changes: 2 additions & 2 deletions Nudge/Info.plist
Original file line number Diff line number Diff line change
Expand Up @@ -15,9 +15,9 @@
<key>CFBundlePackageType</key>
<string>$(PRODUCT_BUNDLE_PACKAGE_TYPE)</string>
<key>CFBundleShortVersionString</key>
<string>2.0.4</string>
<string>2.0.5</string>
<key>CFBundleVersion</key>
<string>2.0.4</string>
<string>2.0.5</string>
<key>LSApplicationCategoryType</key>
<string>public.app-category.utilities</string>
<key>LSMinimumSystemVersion</key>
Expand Down
6 changes: 6 additions & 0 deletions Nudge/Preferences/DefaultPreferencesNudge.swift
Original file line number Diff line number Diff line change
Expand Up @@ -233,6 +233,12 @@ struct OSVersionRequirementVariables {
""
}

static var minorVersionRecalculationThreshold: Int {
osVersionRequirementsProfile?.minorVersionRecalculationThreshold ??
osVersionRequirementsJSON?.minorVersionRecalculationThreshold ??
0
}

static var nonActivelyExploitedCVEsMajorUpgradeSLA: Int {
osVersionRequirementsProfile?.nonActivelyExploitedCVEsMajorUpgradeSLA ??
osVersionRequirementsJSON?.nonActivelyExploitedCVEsMajorUpgradeSLA ??
Expand Down
4 changes: 4 additions & 0 deletions Nudge/Preferences/PreferencesStructure.swift
Original file line number Diff line number Diff line change
Expand Up @@ -151,6 +151,7 @@ struct OSVersionRequirement: Codable {
var activelyExploitedCVEsMajorUpgradeSLA: Int?
var activelyExploitedCVEsMinorUpdateSLA: Int?
var majorUpgradeAppPath: String?
var minorVersionRecalculationThreshold: Int?
var nonActivelyExploitedCVEsMajorUpgradeSLA: Int?
var nonActivelyExploitedCVEsMinorUpdateSLA: Int?
var requiredInstallationDate: Date?
Expand All @@ -170,6 +171,7 @@ extension OSVersionRequirement {
self.activelyExploitedCVEsMajorUpgradeSLA = fromDictionary["activelyExploitedCVEsMajorUpgradeSLA"] as? Int
self.activelyExploitedCVEsMinorUpdateSLA = fromDictionary["activelyExploitedCVEsMinorUpdateSLA"] as? Int
self.majorUpgradeAppPath = fromDictionary["majorUpgradeAppPath"] as? String
self.minorVersionRecalculationThreshold = fromDictionary["minorVersionRecalculationThreshold"] as? Int
self.nonActivelyExploitedCVEsMajorUpgradeSLA = fromDictionary["nonActivelyExploitedCVEsMajorUpgradeSLA"] as? Int
self.nonActivelyExploitedCVEsMinorUpdateSLA = fromDictionary["nonActivelyExploitedCVEsMinorUpdateSLA"] as? Int
self.requiredMinimumOSVersion = fromDictionary["requiredMinimumOSVersion"] as? String
Expand Down Expand Up @@ -248,6 +250,7 @@ extension OSVersionRequirement {
activelyExploitedCVEsMajorUpgradeSLA: Int? = nil,
activelyExploitedCVEsMinorUpdateSLA: Int? = nil,
majorUpgradeAppPath: String? = nil,
minorVersionRecalculationThreshold: Int? = nil,
nonActivelyExploitedCVEsMajorUpgradeSLA: Int? = nil,
nonActivelyExploitedCVEsMinorUpdateSLA: Int? = nil,
requiredInstallationDate: Date? = nil,
Expand All @@ -265,6 +268,7 @@ extension OSVersionRequirement {
activelyExploitedCVEsMajorUpgradeSLA: activelyExploitedCVEsMajorUpgradeSLA ?? self.activelyExploitedCVEsMajorUpgradeSLA,
activelyExploitedCVEsMinorUpdateSLA: activelyExploitedCVEsMinorUpdateSLA ?? self.activelyExploitedCVEsMinorUpdateSLA,
majorUpgradeAppPath: majorUpgradeAppPath ?? self.majorUpgradeAppPath,
minorVersionRecalculationThreshold: minorVersionRecalculationThreshold ?? self.minorVersionRecalculationThreshold,
nonActivelyExploitedCVEsMajorUpgradeSLA: nonActivelyExploitedCVEsMajorUpgradeSLA ?? self.nonActivelyExploitedCVEsMajorUpgradeSLA,
nonActivelyExploitedCVEsMinorUpdateSLA: nonActivelyExploitedCVEsMinorUpdateSLA ?? self.nonActivelyExploitedCVEsMinorUpdateSLA,
requiredInstallationDate: requiredInstallationDate ?? self.requiredInstallationDate,
Expand Down
Loading

0 comments on commit c208c8a

Please sign in to comment.