Regenerate manifests

Upstream diff: https://github.com/ProfileCreator/ProfileManifests/compare/c6489e6d199168da55494e96e0195df4e8d92780..8234e1708395951b1fa4feae01984ab1bf8c7a2c

last_build.json

@@ -1 +1 @@
-{ "hash": "c6489e6d199168da55494e96e0195df4e8d92780", "date": "2024-10-15 16:29:26" }
+{ "hash": "8234e1708395951b1fa4feae01984ab1bf8c7a2c", "date": "2024-10-16 08:50:53" }

manifests/ManifestsApple/Configuration.json

@@ -6,25 +6,25 @@
             "type": "boolean",
             "title": "Prevent users from removing this profile",
             "default": false,
-            "description": "Prevent manual removal of profiles installed through an MDM. Profiles installed manually can be removed manually, but only by using administrative authority.",
+            "description": "If present and set to 'true', the user can't delete the profile unless the profile has a removal password and the user provides it.\nOn macOS 10.15 and later, this key only affects removal of manually installed profiles. If set to 'true' and no profile removal payload is present, removing the profile requires admin auth.\nOn macOS versions prior to 10.15, this key prevents admins from removing MDM installed profiles. However, as of macOS 10.15, users can never remove MDM profiles, not even the admin.\nOn iOS users can't remove a MDM profile.\nRequires a supervised device.",
             "property_order": 5
         },
         "RemovalDate": {
             "type": "date",
             "title": "Removal Date",
-            "description": "The date on which the profile will be automatically removed.",
+            "description": "The date when the system automatically removes the profile.",
             "property_order": 10
         },
         "DurationUntilRemoval": {
             "type": "number",
             "title": "Duration Until Removal",
-            "description": "Number of seconds until the profile is automatically removed. If RemovalDate key is present, its value is used instead.",
+            "description": "The number of seconds until the profile is automatically removed. If the 'RemovalDate' key is present, the system uses whichever field yields the earliest date.",
             "property_order": 15
         },
         "ConsentText": {
             "type": "object",
             "title": "Consent Text",
-            "description": "Dictionary specifying localized consent text that will be displayed as a warning during profile installation.",
+            "description": "A dictionary that includes:\n* A key that contains the IETF BCP 47 identifier for a language, such as en or jp\n* A value that contains the agreement localized to language specified by the key\nThe dictionary can also contain an optional key, 'default', with its value consisting of the unlocalized (usually in en) agreement.\nThe system always displays the agreement in a dialog, and the user needs to agree before the system can install the profile.\nThe system chooses a localized version in the order of preference that the user specifies in macOS, or based on the user's current language setting in iOS. If there's no exact match, the system uses the default localization. If there's no default localization, the system uses the en localization. If there's no en localization, the system uses the first available localization.\nProvide a default value, if possible. The system won't display a warning if the user's locale doesn't match any localization in the 'ConsentText' dictionary.",
             "properties": {
                 "{{key}}": {
                     "type": "string",
@@ -48,20 +48,20 @@
             "type": "boolean",
             "title": "Has removal passcode",
             "default": false,
-            "description": "Specifes if there is a removal passcode for the profile.",
+            "description": "Set to 'true' if there's a removal passcode.",
             "property_order": 25
         },
         "PayloadExpirationDate": {
             "type": "date",
             "title": "Expiration Date",
-            "description": "If provided, will show an OTA-delivered profile as \"expired\" on a specific date. Users will be offered an \"Update\" button when the profile has expired.",
+            "description": "The date when a profile is no longer valid and the system presents an update button to the user.",
             "property_order": 30
         },
         "PayloadScope": {
             "type": "string",
             "title": "Payload Scope",
             "default": "User",
-            "description": "Defines whether the profile should be installed system-wide or only for the installing user",
+            "description": "A string that defines whether to install the profile for the system or the user. In many cases, it determines the location of certificate items, such as keychains. Though it's not possible to declare different payload scopes, payloads like VPN can automatically install their items in both scopes, if needed.",
             "enum": [
                 "System",
                 "User"
@@ -79,7 +79,8 @@
                 2,
                 3,
                 4,
-                5
+                5,
+                6
             ],
             "options": {
                 "enum_titles": [
@@ -88,7 +89,8 @@
                     "Apple Watch",
                     "HomePod",
                     "Apple TV",
-                    "Mac"
+                    "Mac",
+                    "Vision Pro"
                 ]
             },
             "property_order": 40

manifests/ManifestsApple/com.apple.MCX.FileVault2.json

@@ -5,7 +5,7 @@
         "Enable": {
             "type": "string",
             "title": "Enable FileVault 2",
-            "description": "Set to 'On' to enable FileVault. Set to 'Off' to disable FileVault.",
+            "description": "Set to 'On' to enable FileVault and set to 'Off' to disable FileVault. Payloads set to 'On' sent through MDM need to either include full authentication information in the payload or have the 'Defer' option set to 'true'. When 'Defer' is 'true', the system prompts for the authentication information when the user enables FileVault.",
             "enum": [
                 "On",
                 "Off"
@@ -16,78 +16,78 @@
             "type": "boolean",
             "title": "Defer enabling until logout",
             "default": false,
-            "description": "Defer enabling FileVault until the designated user logs out. For details, see fdesetup(8). The person enabling FileVault must be either a local user or a mobile account user.",
+            "description": "If 'true', the system defers enabling FileVault until the designated user logs out. For details, see 'fdesetup(8)'. Only a local user or a mobile account user can enable FileVault.",
             "property_order": 10
         },
         "UserEntersMissingInfo": {
             "type": "boolean",
             "title": "User enters username and password",
-            "default": true,
-            "description": "Set to true for manual profile installs to prompt for missing user name or password fields.",
+            "default": false,
+            "description": "If 'true', the system enables a prompt for missing user name or password fields.",
             "property_order": 15
         },
         "UseRecoveryKey": {
             "type": "boolean",
             "title": "Create a personal recovery key",
             "default": true,
-            "description": "Set to true to create a personal recovery key.",
+            "description": "If 'true', the system creates a personal recovery key and displays it to the user.",
             "property_order": 20
         },
         "ShowRecoveryKey": {
             "type": "boolean",
             "title": "Show the personal recovery key",
             "default": true,
-            "description": "Set to false to not display the personal recovery key to the user after FileVault is enabled.",
+            "description": "If 'false', the system prevents display of the personal recovery key to the user after the system enables FileVault.",
             "property_order": 25
         },
         "OutputPath": {
             "type": "string",
             "title": "Recovery key path",
-            "description": "Path to the location where the recovery key and computer information plist will be stored.",
+            "description": "The path to the location of the recovery key and computer information property list.",
             "property_order": 30
         },
         "PayloadCertificateUUID": {
             "type": "string",
             "title": "Recovery Key Certificate Payload",
-            "description": "UUID of the payload containing the asymmetric recovery key certificate payload.",
+            "description": "The UUID of the payload within the same profile containing the asymmetric recovery key certificate payload.",
             "property_order": 35
         },
         "Username": {
             "type": "string",
             "title": "Username",
-            "description": "User name of the Open Directory user that will be added to FileVault.",
+            "description": "The user name of the Open Directory user to add to FileVault.",
             "property_order": 40
         },
         "Password": {
             "type": "string",
             "title": "Password",
-            "description": "User password of the Open Directory user that will be added to FileVault. Use the UserEntersMissingInfo key if you want to prompt for this information.",
+            "description": "The password of the Open Directory user to add to FileVault. Use the 'UserEntersMissingInfo' key to prompt for this information.",
             "property_order": 45
         },
         "UseKeychain": {
             "type": "boolean",
             "title": "Add institutional recovery key to keychain",
             "default": false,
-            "description": "If set to true and no certificate information is provided in this payload, the keychain already created at /Library/Keychains/FileVaultMaster.keychain will be used when the institutional recovery key is added.",
+            "description": "If 'true' and you don't include certificate information in this payload, the system uses the keychain created at '/Library/Keychains/FileVaultMaster.keychain' when it adds the institutional recovery key.",
             "property_order": 50
         },
         "DeferForceAtUserLoginMaxBypassAttempts": {
             "type": "integer",
             "title": "Maximum number of times FileVault can be skipped",
-            "description": "When using the Defer option you can optionally set this key to the maximum number of times the user can bypass enabling FileVault before it will require that it be enabled before the user can log in. If set to 0, it will always prompt to enable FileVault until it is enabled, though it will allow you to bypass enabling it. Setting this key to –1 will disable this feature.",
+            "description": "The maximum number of times users can bypass enabling FileVault before the system requires the user to enable it to log in. If the value is '0', the system requires the user to enable FileVault the next time they attempt to log in. Set this key to '–1' to disable this feature.",
             "property_order": 55
         },
         "DeferDontAskAtUserLogout": {
             "type": "boolean",
             "title": "Dont ask at logout",
             "default": false,
-            "description": "When using the Defer option, set this key to true to not request enabling FileVault at user logout time.",
+            "description": "If 'true', the system prevents requests to enable FileVault at user logout time.",
             "property_order": 60
         },
         "ForceEnableInSetupAssistant": {
             "type": "boolean",
             "default": false,
-            "description": "If 'true', and this payload is installed after enrolling with MDM in Setup Assistant, it requests Setup Assistant to enable FileVault at setup time. In this case, the system also ignores all other keys in this payload, except for 'ShowRecoveryKey'.\nTo use this, enable the Await Device Configured DEP configuration option, send this profile with this key set, before sending the DeviceConfiguredCommand.",
+            "description": "If 'true', and installation of this payload occurs after enrolling with MDM in Setup Assistant, the system requests Setup Assistant to enable FileVault at setup time.\nTo use this, enable the Await Device Configured DEP configuration option and send this profile with this key set, before sending the DeviceConfiguredCommand.\nAn admin SecureToken user is required, otherwise the FileVault pane does not appear.",
             "property_order": 65
         }
     }