Skip to content

Mastodon and Twitter bot keeping you up-to-date with security fixes to Apple's ecosystem! New updates, number of bugs, zero-days, and more! πŸŽπŸ”’

License

Notifications You must be signed in to change notification settings

amadejpapez/ApplSec

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 

Repository files navigation

ApplSec


Refreshing the Apple Security Page for you 🍎 πŸ”

Running on πŸ₯ @ApplSec since February 6, 2021

Running on 🐘 @[email protected] since November 5, 2022


πŸ“£ What does it post?


🦾 How does it work?

It starts by checking if the latest release on the Apple Security Updates page has already been posted. If not, it continues to check the next one. When it gathers all the new releases, it starts visiting their security content pages. There, it counts how many security issues (CVEs) were fixed, checks for zero-days, etc.

If Apple says "no details yet", it will save the release's name and say in the post that information is not available yet. It will continue to check and make a post when security content is available with all the information it contains.

To get the latest beta releases it also checks the Apple Developer Releases page.

In the end, it arranges the gathered data into a post or a thread as needed and sends it to Mastodon and Twitter.

The bot is checking for changes hourly. To avoid posting and checking the same thing twice, it stores recently posted data in a JSON file. The file also contains the last 10 zero-days, so it can tell if a zero-day is new or if it's just an additional update for a different system.

At midnight, the bot checks if Apple has updated or added any entries to older security notes. On January 19th, 2022, Apple updated 25 security notes, adding and updating entries back to releases from two years ago.


The bot is often updated as new ideas appear and to keep up with any changes to Apple's website.


✨ Acknowledgements

  • Tweepy, for communication with Twitter API
  • requests, for communication with Mastodon API and for requests to Apple's website
  • lxml, for easier HTML processing
  • GitHub Actions, for running the bot hourly


Not affiliated with Apple Inc.

Apple, iCloud, watchOS, tvOS and macOS are trademarks of Apple Inc., registered in the U.S. and other countries and regions.

About

Mastodon and Twitter bot keeping you up-to-date with security fixes to Apple's ecosystem! New updates, number of bugs, zero-days, and more! πŸŽπŸ”’

Topics

Resources

License

Stars

Watchers

Forks

Languages