Skip to main content

App-Auto-Patch for 3rd party patching (macOS)

What

App-Auto-Patch for macOS is a streamlined solution from an Open Source project designed to enable user-driven patching in your environment. It leverages two FileWave Filesets: one for profile configuration and another for deploying the actual application. The “Profile – App-Auto-Patch Settings” Fileset is used to customize key settings—such as support contact details—which then dictate how the Auto-Patch application behaves on the target devices. The application Fileset contains the App-Auto-Patch utility, which can automatically install patches on macOS devices while providing you with options to exclude specific apps to prevent workflow disruptions.

image.png

When/Why

This method is ideal when you need an efficient, user-driven approach to manage patch deployments on macOS devices. You might use it when:

  • Proactive Maintenance: You want to ensure that systems are always up to date with the latest patches without continuous manual intervention.
  • Customized Support: Your organization requires that support details—such as email, phone, and website—be displayed in the application’s help messages to provide end users with immediate assistance.
  • Controlled Rollouts: You need the flexibility to exclude certain applications from being patched automatically to avoid potential disruptions to users’ workflows.
  • Seamless Updates: By simply updating the Profile Fileset’s settings in FileWave, you can push out configuration changes across all managed devices quickly.

image.png

How

Customize the Profile Fileset:

  • Download: App-Auto-Patch-Filesets.zip 
  • Import the 2 Filesets in to your Filewave server and put them in a Fileset group together:

    image.png


  • Open the “Profile – App-Auto-Patch Settings” Fileset.
  • Modify the following settings to match your organization’s support details:
    • SupportTeamEmail: For help message support (e.g., support@company.com).
    • SupportTeamName: For displaying the support team’s name (e.g., Company Support Team).
    • SupportTeamPhone: For the contact phone number (e.g., 555-867-5309).
    • SupportTeamWebsite: For a support website URL (e.g., support.company.com).
  • For a complete list of configuration options, refer to the official Configure App-Auto-Patch Settings documentation.

Deploy Using FileWave:

  •  Association: Associate this Fileset Group with your target macOS devices. Start with 1 device to make sure you are happy with the settings.
  • Testing: Deploy initially to a single device to evaluate the patching experience and ensure all settings propagate as intended.
  • Uninstall Capability: The Fileset also contains an uninstall script. Should you need to remove the application, simply delete the association of the profile and application Filesets, and the system will automatically remove App-Auto-Patch from the macOS device.

image.png

Pushing Updates:

Modify the Profile Fileset at any time to update preferences. The changes will be pushed out automatically to all connected devices upon redeployment. Adjust settings to exclude or include certain applications from patching based on your organizational needs and user workflows. The included settings in this KB article have it set to patch weekly on Tuesdays, but pick what will work for you. 

Leveraging the DDM reporting of Background Tasks in FileWave you can also check to make sure that the helper is present. Depending on the configuration and your testing you might see more than one Identifier listed for the helper, but you should see at least 1 reported so that you know the LaunchDaemon is present. 

FileWave Admin 2025-04-08 12.12.08.png

Digging Deeper

App-Auto-Patch offers a user-driven patching approach that minimizes the need for manual updates while still giving administrators full control. The profile configuration makes it simple to customize end-user support details—ensuring that when users require help, they see consistent and accurate contact information. Moreover, the ability to exclude certain applications from patching not only protects critical workflows but also allows for staged rollouts, reducing the risk of disruptions in a production environment. This model leverages FileWave’s powerful device management capabilities to ensure all deployed macOS devices receive timely updates with the reassurance of a built-in rollback mechanism through the uninstall script. This integrated approach enhances overall system security and stability while providing an agile method for managing software updates in diverse organizational settings.