Last active
March 15, 2024 00:56
-
-
Save april/3da7c3720b0d9f3ee7dc9a95f623578d to your computer and use it in GitHub Desktop.
find all apps using Electron and their versions, on macOS systems
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env zsh | |
# patched versions for CVE-2023-4863: 22.3.24, 24.8.3, 25.8.1, 26.2.1 | |
mdfind "kind:app" 2>/dev/null | sort -u | while read app; | |
do | |
filename="$app/Contents/Frameworks/Electron Framework.framework/Electron Framework" | |
if [[ -f $filename ]]; then | |
echo "App Name: $(basename ${app})" | |
electronVersion=$(strings "$filename" | grep "Chrome/" | grep -i Electron | grep -v '%s' | sort -u | cut -f 3 -d '/') | |
echo "Electron Version: $electronVersion" | |
echo -n "File Name: $filename " | |
echo -e "\n" | |
fi | |
done |
I tried overriding LANG=de_DE.UTF-8 LC_CTYPE=de_DE.UTF-8 LC_ALL=de_DE.UTF-8, and setting the language for Terminal to German, and it still insists on using en_US
.
Does overriding any of those to en_US.UTF-8
let mdfind
work with kind:app
?
No that doesn't seem to change anything. Idk maybe mdfind uses the language set via system settings or something
Just changed my mac to English and now it works
Wanted to share a slightly updated version of the script above that we used internally to help make running the script more actionable for our employees. The main change is that it outputs and highlights only the apps that are on unsafe electron versions.
#!/usr/bin/env bash
RED='\033[0;31m'
NC='\033[0m' # No Color
# patched versions for CVE-2023-4863: 22.3.24, 24.8.3, 25.8.1, 26.2.1
mdfind "kind:app" 2>/dev/null | sort -u | while read app;
do
filename="$app/Contents/Frameworks/Electron Framework.framework/Electron Framework"
if [[ -f $filename ]]; then
electronVersion=$(strings "$filename" | grep "Chrome/" | grep -i Electron | grep -v '%s' | sort -u | cut -f 3 -d '/')
semver=( ${electronVersion//./ } )
major="${semver[0]}"
minor="${semver[1]}"
patch="${semver[2]}"
echo "${major}.${minor}.${patch}"
if [[ ( $major -lt 22 ) || ( $major == 22 && $minor -lt 3 ) || ( $major == 22 && $minor == 3 && $patch -lt 26 )
|| ( $major == 23 )
|| ( $major == 24 && $minor -lt 8 ) || ( $major == 24 && $minor == 8 && $patch -lt 6 )
|| ( $major == 25 && $minor -lt 8 ) || ( $major == 25 && $minor == 8 && $patch -lt 4 )
|| ( $major == 26 && $minor -lt 2 ) || ( $major == 26 && $minor == 2 && $patch -lt 4 )
|| ( $major == 27 && $minor -lt 0 ) || ( $major == 27 && $minor == 0 && $patch -lt 0 )
]]; then
printf "App Name: ${RED}$(basename ${app})${NC}\n"
echo "Electron Version: $electronVersion"
echo -n "File Name: $filename "
echo -e "\n"
fi
fi
done
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Btw, mdfind uses the user's locale for their syntax. Therefore a German user would need to use
mdfind "art:app"