Problem Description
Currently, users need to manually download or git pull the latest version of stepsecurity-dev-machine-guard.sh to get new detections and bug fixes. For enterprise deployments managed via MDM (Jamf, Kandji, Intune), this means re-pushing the script each time there is an update. A lightweight self-update mechanism would ensure developer machines always run the latest scanning logic without manual intervention, while maintaining the security guarantees of the release process (e.g., checksum verification).
Proposed Solution
Implement a wrapper script.
Alternatives Considered
No response
Additional Context
No response
Problem Description
Currently, users need to manually download or git pull the latest version of stepsecurity-dev-machine-guard.sh to get new detections and bug fixes. For enterprise deployments managed via MDM (Jamf, Kandji, Intune), this means re-pushing the script each time there is an update. A lightweight self-update mechanism would ensure developer machines always run the latest scanning logic without manual intervention, while maintaining the security guarantees of the release process (e.g., checksum verification).
Proposed Solution
Implement a wrapper script.
Alternatives Considered
No response
Additional Context
No response