Add local_network_permissions table

[headmin]

This add a new local_network_permissions table that exposes macOS Local Network Privacy permissions as a queryable table.

On macOS, the Local Network Privacy feature controls which applications can discover and communicate with devices on the local network.

This extension reads the permission data from the system's NetworkExtension plist and exposes it via the osquery-extension.

[grahamgilbert]

This looks great. Please bump the version file so we can cut another release. I also turned on copilot reviews on this repo, so hopefully another commit will trigger that.

[Copilot]

Pull request overview

This PR adds a new local_network_permissions osquery table for macOS that surfaces Local Network Privacy permissions from com.apple.networkextension.plist, wires it into the extension, and updates the plist dependency and version metadata.

Changes:

• Introduces the localnetworkpermissions Go package that parses the NetworkExtension NSKeyedArchiver plist into a structured local_network_permissions table, along with unit tests and a synthetic test plist.
• Registers the new table in the darwin plugin list and exposes it via Bazel build rules, including embedding the test plist for tests.
• Bumps github.com/micromdm/plist to a newer pseudo-version in go.mod, go.sum, and deps.bzl, and increments the extension VERSION from 1.3.0 to 1.3.1.

Reviewed changes

Copilot reviewed 9 out of 10 changed files in this pull request and generated 4 comments.

Show a summary per file

File	Description
tables/localnetworkpermissions/test_networkextension.plist	Synthetic NSKeyedArchiver-style plist fixture used to exercise parsing of local network permission entries.
tables/localnetworkpermissions/local_network_permissions_test.go	Adds tests for column definitions, generation behavior (normal and file-not-found), and helper functions, using the embedded test plist; currently introduces parallel tests that mutate a shared global path.
tables/localnetworkpermissions/local_network_permissions.go	Implements parsing of com.apple.networkextension.plist, extraction of per-app permission records, and the local_network_permissions table generator; includes UIDs resolution logic and integer coercion.
tables/localnetworkpermissions/BUILD.bazel	Declares the localnetworkpermissions Go library and test target, including embedding the plist fixture.
main.go	Registers the local_network_permissions table as a darwin-only plugin alongside existing macOS tables.
go.sum	Updates the github.com/micromdm/plist module checksums to match the new pseudo-version used by the new parser.
go.mod	Bumps github.com/micromdm/plist to a newer pseudo-version required for UID handling in the NetworkExtension plist.
deps.bzl	Aligns Bazel go_repository metadata (version and sum) for github.com/micromdm/plist with go.mod/go.sum.
VERSION	Increments the extension version to 1.3.1 to reflect the addition of the new table.
BUILD.bazel	Adds the new //tables/localnetworkpermissions library dependency to the main Go library target so it is linked into the extension binary.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[grahamgilbert]

Looks like copilot found a few things - if we can get those fixed up I’ll merge and cut a release.

[headmin]

@grahamgilbert BAZEL dependency was missing, added now and all checks pass.