Getting Started

Simple Organized Feed for Apple Software Updates

Hello 👋,

SOFA supports MacAdmins by efficiently tracking and surfacing information on updates for macOS and iOS. It consists of a machine-readable feed and user-friendly web interface, providing continuously up-to-date information on XProtect data, OS updates, and the details bundled in those releases.

Web UI Overview

OS Version Section

• Latest OS Version: View details for the latest macOS and iOS releases, including version numbers, build identifiers, and release dates
• Download Links: Direct access to download latest installers like IPSW files (coming soon!) or Universal Mac Assistant (UMA) packages
• Security and Documentation Links: Quick access to relevant Apple documentation and security advisories

XProtect Data Section (macOS Only)

• Latest Versions Information: Track the most current versions of XProtect
• Verification Baseline: Use as a baseline info for use in custom tools to ensure XProtect is up-to-date across your macOS fleet. This could be running compliance scripts or extension attributes. See some starter examples in Tools
• Update Frequency Details: See when XProtect was updated and the days since the latest release

Security Updates Listing

• Release Timelines: Overview of the release dates and intervals between the latest security updates.
• Vulnerability Details: For each CVE, links are provided to view detailed records at CISA.gov or CVE.org. Use 'Command-click' to open a CVE record on the NVD website, highlighting detailed info on actively exploited vulnerabilities and related security advisories
• Search and Highlight: Search for specific CVEs to identify which OS updates address the vulnerabilities

Self-hosting

For production use, we highly recommend self-hosting the feed to improve reliability and security. This can be easily done by forking this repository and setting up a GitHub Action to deploy the feed on your own webhost.

For detailed instructions, check out our Quick Start Guide to Self-Hosted SOFA.

JSON Feed Data

Access the JSON feed directly for integration with automated tools or scripts. The current JSON feed URLs for macOS and iOS respectively are as follows:

• https://sofafeed.macadmins.io/v1/macos_data_feed.json
• https://sofafeed.macadmins.io/v1/ios_data_feed.json

For guidance on how to utilize and implement the feed in scripts, explore examples in the Tools section, and read this blog post.

RSS Overview

Subsribe to the RSS feed here: https://sofa.macadmins.io/v1/rss_feed.xml

The RSS feed is generated using feedgen by leveraging the same data generated for the data feed. It extracts SecurityReleases and injects them into individual entries, providing a streamlined and organized feed of the latest updates. The process involves:

1. Loading Cache Data: RSS data is loaded from cached JSON files from the cache/ directory to ensure all previously fetched updates are considered.
2. Writing to Cache: New or updated data is written back to the cache, sorted by ReleaseDate.
3. Diffing Data: New feed results are compared against existing cached data to identify and handle new entries.
4. Generate New Cache: Updating the current cache files with new entries if new entries exist.
5. Creating RSS Entries: SecurityReleases from the data feed are used to create RSS entries, including handling specific data like XProtect configurations and payloads.
6. Writing RSS Feed: The sorted and updated entries are written to an RSS feed file (v1/rss_feed.xml) using feedgen.