Skip to content

🪲macOS apps with duplicate bundle IDs do not appear in Fleet #28788

New issue
New issue
Open
#34097
Open
🪲macOS apps with duplicate bundle IDs do not appear in Fleet#28788
#34097
Assignees
ksykulev
Labels
#g-orchestrationOrchestration product group:releaseReady to write code. Scheduled in a release. See "Making changes" in handbook.P1Prioritize as criticalbugSomething isn't working as documentedcustomer-ufa~assisting g-security-complianceThis is a #g-security-compliance issue that another product group is assisting~csaIssue was created by or deemed important by the Customer Solutions Architect.
Milestone
4.74.1
@mostlikelee

Description

@mostlikelee
mostlikelee
opened on May 2, 2025

Fleet version: 4.67.2

💥  Actual behavior

Some macOS apps have been found to have duplicate bundleIdentifiers, in particular electron helper apps like:
Postman Helper (GPU) | com.postmanlabs.mac.helper
Postman Helper (Renderer) com.postmanlabs.mac.helper

Because they have duplicate bundleIDs, they are identified as the same app. This behavior seems to be limited to helper apps, electron being the most common occurence.

🧑‍💻  Steps to reproduce

  1. Install Postman on macOS
  2. Refresh host
  3. view software on host
  4. Only one software entry is present with bundleID com.postmanlabs.mac.helper

🕯️ More info (optional)

The scope of this fix is to reduce the amount of expected macOS apps not appearing in fleet, not to eliminate the issue. The below fix accomplishes this by reducing the scope of expected macOS apps.

🛠️ To fix

Two parts:

1

  • @ksykulev: For software titles, Fleet is going to create one software title for apps that have the same bundle_identifier. Fleet will show one item in GET /software/titles and GET /host/:id/software API endpoint.
    • @ksykulev: How does Fleet pick? Fleet will pick the software with the shortest display_name.

2

  • @noahtalerman: Fleet is going to list all software it gets back from osquery as is in GET /software/versions API and GET /hosts/:id.
    • This if “Postman (GPU)” and “Postman (Helper)” exist, there will be two entries in the GET /software/versions API and GET /hosts/:id:
      • Postman (GPU)
      • Postman (Helper)

QA/test

Software ingestion

  • Install Google Chrome on a macOS host. Rename it's CFBundleDisplayName to "Google Chrome 2".

  • Add Google Chrome as a macOS Fleet-maintained app to Fleet

  • Verify that a new software title is created called "Google Chrome". The package isn't added to "Google Chrome 2"

  • Install Google Chrome on a macOS host. Rename it's CFBundleDisplayName to "Google Chrome 2". Install another Chrome and call it "Google Chrome"

  • Add Google Chrome as a macOS Fleet-maintained app to Fleet

  • Verify that the package is added to the "Google Chrome" software title. The package isn't added to "Google Chrome 2"

Metadata

Metadata

Assignees

Labels

#g-orchestrationOrchestration product group:releaseReady to write code. Scheduled in a release. See "Making changes" in handbook.P1Prioritize as criticalbugSomething isn't working as documentedcustomer-ufa~assisting g-security-complianceThis is a #g-security-compliance issue that another product group is assisting~csaIssue was created by or deemed important by the Customer Solutions Architect.

Type

No type

Projects

🪄 #g-orchestration

Status

🐣 In progress

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions