From 24d082ac601711f52c5ff56c3b6157a767df6320 Mon Sep 17 00:00:00 2001
From: Graham Gilbert <graham.gilbert@airbnb.com>
Date: Fri, 26 Apr 2024 22:49:26 -0700
Subject: [PATCH] Readme

---
 README.md | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index d549934..f8eea48 100644
--- a/README.md
+++ b/README.md
@@ -28,10 +28,12 @@ For production deployment, you should refer to the [osquery documentation](https
 | `puppet_logs`            | Logs from the last [Puppet](https://puppetlabs.com) run                                       | Linux / macOS / Windows |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       |
 | `puppet_state`           | State of every resource [Puppet](https://puppetlabs.com) is managing                          | Linux / macOS / Windows |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       |
 | `puppet_facts`           | [Puppet](https://puppetlabs.com) facts                                                        | Linux / macOS / Windows |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       |
+| `sofa_security_release_info` | The information on the security release the device is running from [Sofa](https://sofa.macadmins.io) | macOS                   |                                                                                                                                                                                                                                                                                                                                                                                                                                                       Use the `url` constraint to specify a data source other than `https://sofa.macadmins.io/v1/macos_data_feed.json`                                                                                                                                                                |
+| `sofa_unpatched_cves` | The CVEs that are unpatched on the device from [Sofa](https://sofa.macadmins.io) | macOS                   |                                                                                                                                                                                                                                                                                                                                                                                                                                                       Use the `url` constraint to specify a data source other than `https://sofa.macadmins.io/v1/macos_data_feed.json`                                                                                                                                                                |
 | `unified_log`            | Results from macOS' Unified Log                                                               | macOS                   | Use the constraints `predicate` and `last` to limit the number of results you pull, or this will not be very performant at all. Use `level` with a value of `info` to include info level messages. Use `level` with a value of `debug` to include info and debug level messages. (`select * from unified_log where last="1h" and level="debug" and predicate='processImagePath contains "mdmclient"';`)                                                                                                                                                                                                               |
 
 ## Development
 
-- Install Go 1.20.5 (either directly from [go.dev](https://go.dev/dl/) or via [GVM](https://github.com/moovweb/gvm#installing))
-  - `gvm install go1.20.5`
+- Install Go 1.21 (either directly from [go.dev](https://go.dev/dl/) or via [GVM](https://github.com/moovweb/gvm#installing))
+  - `gvm install go1.21`
 - Install [Bazelisk](https://github.com/bazelbuild/bazelisk/blob/master/README.md)