Skip to content

macadmins/sofa

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

908 Commits

.github/workflows

.github/workflows

 
 

images

images

 
 

tool-scripts

tool-scripts

 
 

v1

v1

 
 

.gitignore

.gitignore

 
 

CNAME

CNAME

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

build-sofa-feed.py

build-sofa-feed.py

 
 

config.json

config.json

 
 

dockerfile

dockerfile

 
 

entrypoint.sh

entrypoint.sh

 
 

essential_links.json

essential_links.json

 
 

feed_structure_template_v1.yaml

feed_structure_template_v1.yaml

 
 

forked_builds.json

forked_builds.json

 
 

index.html

index.html

 
 

main.css

main.css

 
 

model_identifier_monterey.json

model_identifier_monterey.json

 
 

model_identifier_sonoma.json

model_identifier_sonoma.json

 
 

model_identifier_ventura.json

model_identifier_ventura.json

 
 

process_ipsw.py

process_ipsw.py

 
 

process_uma.py

process_uma.py

 
 

requirements.txt

requirements.txt

 
 

sofa-time-series.py

sofa-time-series.py

 
 

time-series.csv

time-series.csv

 
 

Repository files navigation

SOFA

Sofa logo

Hello 👋,

SOFA supports MacAdmins by efficiently tracking and surfacing information on updates for macOS and iOS. It consists of a machine-readable feed and user-friendly web interface, providing continuously up-to-date information on XProtect data, OS updates, and the details bundled in those releases.

Updated automatically via GitHub Actions, the SOFA feed is a dynamic, centralized, and accessible source of truth. It can be self-hosted, giving you complete assurances as to the provenance of the data your fleet and coworkers can consume. The goal is to streamline the monitoring of Apple's software releases, thereby boosting security awareness and administrative efficiency.

Key Features

Machine-Readable Feed and Web UI

  • JSON Feed: Provides detailed, machine-readable data optimized for automated tools and scripts
  • Web Interface: Divided between the major version tabs at the top and organized into sections that cover the latest OS information, XProtect updates, and security details for each OS, SOFA facilitates both quick summaries and deep dives into relevant data points

Use Cases

SOFA supports a wide array of practical applications, wether for MacAdmin tooling directly or discussing the state of security on Apple platforms with security personnel.

  • Xprotect Monitoring: Keep track of the latest XProtect updates centrally so agents running on your fleet can verify compliance with CIS/mSCP standards, ensuring Apple's tooling is up-to-date
  • Security Overviews: Surface information on vulnerabilities (CVEs) and their exploitation status (KEV).
  • Track Countdowns: Know both a timestamp and the days since a release was posted so you can track when management that delays the update being visible will elapse, or just use it to remind users that the clock is ticking on an update that addresses 'critical' issues
  • Documentation Access: Use links to quickly view relevant Apple documentation and check detailed CVE information CVE.org, CISA.gov and NVD, and correlate those CVE's across platforms or major versions
  • Download Universal Mac Assistant: Access the latest and all 'active' (currently signed) IPSW/Universal Mac Assistant (UMA) download links. These can be integrated into your custom reprovisioning workflows, such as EraseAndInstall, to streamline and enhance your device re-purpose/deployment processes
  • Self-Hosting: Take control of the SOFA feed by self-hosting. Establish your fork as the authoritative source in your environment. Tailor the feed to meet your specific needs and maintain complete autonomy over its data

Web UI Overview

OS Version Card

  • Latest OS Version: View details for the latest macOS and iOS releases, including version numbers, build identifiers, and release dates
  • Download Links: Direct access to download latest installers like IPSW files (coming soon!) or Universal Mac Assistant (UMA) packages
  • Security and Documentation Links: Quick access to relevant Apple documentation and security advisories

XProtect Data Card (macOS Only)

  • Latest Versions Information: Track the most current versions of XProtect
  • Verification Baseline: Use as a baseline info for use in custom tools to ensure XProtect is up-to-date across your macOS fleet. This could be running compliance scripts or extension attributes. See some starter examples in Tools
  • Update Frequency Details: See when XProtect was updated and the days since the latest release

Security Updates Listing

  • Release Timelines: Overview of the release dates and intervals between the latest security updates.
  • Vulnerability Details: For each CVE, links are provided to view detailed records at CISA.gov or CVE.org. Use 'Command-click' to open a CVE record on the NVD website, highlighting detailed info on actively exploited vulnerabilities and related security advisories
  • Search and Highlight: Search for specific CVEs to identify which OS updates address the vulnerabilities

Getting Started

Access the Web UI

Visit the SOFA Web UI to start exploring SOFA's features

Use the Feed Data

Access the feed directly for integration with automated tools or scripts. For production use, we strongly recommend self-hosting the feed to enhance reliability and security. For guidance on how to utilize and implement the feed, explore examples in the Tools section. For details on self-hosting, please refer to the section below.

Self-Hosting SOFA

We believe that organizations needing tight control and ownership of the data they rely on should consider self-hosting SOFA. By cloning the repository into your own GitHub account and activating GitHub Actions to automatically build the feed at set intervals — or implementing a similar setup on platforms like GitLab — you ensure full control over how the data is determined, updated, and utilized. Additional documentation on self-hosting will be available to guide you through this process.

About

SOFA | A MacAdmin's Simple Organized Feed for Apple Software Updates

sofa.macadmins.io

Topics

macos ios apple cve macadmins

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

63 stars

Watchers

8 watching

Forks

9 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 8

Languages