* Some minor changes for some easy perf wins based on trace info
* Manually track buffer offsets in File writer
* Add metrics tests
* Call members from appropriate shared object
* Add method to get WatchItems state
* Update santactl status with watch items state
* Update status label
* PR feedback - add missing dispatch_group_leave
* WIP parsing new watch item config format
* Change WatchItemPolicy param order. Define policy default constants.
* rename write_only policy member to allow_read_access
* WIP parsing new config format, WatchItemsTest all pass
* Restructured process config parsing. Added tons of tests.
* Abstract NSError creation to a function
* Better errors. Bubble up NSErrors to reduce duplicate messages. More Tests.
* Validate min string lengths. Add a bunch more tests.
* Adopt new policy process logic and add tests
* Address PR feedback
* Support more file access protection event types
* Update tests for new events and method signatures
* lint
* Add metrics for new event types
* Add support for LINK event
* Fix spacing
* snapshot using rules_fuzzing, but this probably wont work because nothing supports objc
* working fuzz
* clean up
* install libclang_rt.fuzzer_osx automatically; add to CI
* retain corpus
* restore old fuzzing stuff
* corpus
* move fuzz to separate timed action
* review
* WIP begin adopting new ES APIs inverting target mute paths
* Track subscription status so as not to unnecessarily enable/disable
* Properly chain call to invert target mute paths. Fix using wrong Message obj.
* Add base client tests
* Support compiling on older platforms
* More changes to support compiling on older platforms
* Only enable watch items periodic task on macOS 13
* Add more asserts to test
* Disable ES caching for now
* lint
* Change FindPolicyForPath to operate on vector of inputs
* Adopt new interface to find all policies simultaneously
* Fix tests to use new FindPoliciesForPath signature
* initial e2e work
* switch to entitlements property instead of codesignopts hack
* bring moroz patches in
* go ahead and switch to upstream
* lint
* no need to install gcs every time
* codeowners
* add comments
* move to new e2e workflow
* rename e2e workflow
* WIP refactor file access class to setup logging
* Combined GetPathTarget1 and 2, added some tests.
* Change method name to not be abbrv.
* Remove unnecessary includes
* PR feedback: fix missing path sep, add comments
* Fix test issue
* WIP Dynamic watch item config loading. Dynamic event handler protocol.
* Clients can now register with WatchItems to be enabled/disabled
* Handle dynamic fs monitor config add/modify/delete, dynamic enable/disable clients
* Update WatchItemsTest to use new constructor
* Better check handling value changes
* Add missing mock config value to fix integration test
* Add policy version to config. Return policy decision as enum.
* Check EnableBadSignatureProtection config when evaluating instigating procs
* Draft proto update for file access
* Revert "Draft proto update for file access"
This reverts commit 5d7e9a9e03.
* Change return type to work around OCMock partial mocking issues
* lint
