Imo, there are many better ways to get apps patched than Patch Management + manual intervention. With patch management, you're tediously, repetitively uploading monolithic .pkg's for each app, every single time a new version comes out. That's a time sink. Also, let's say the vendor offers it as a .dmg with an .app inside.. you'd have to repackage it to a .pkg, adding even more time.
Mac Apps > Jamf App Catalog should work better by automating patching as well as making sure the latest version is always in Self Service. Though I've personally had mixed luck with Jamf App Catalog, so much that I try and avoid using it where I can. For me, apps would just get stuck on pending forever for deploying updates. Or would inexplicably error out and there are virtually no logs to see what happened.
Not much has changed in my experience since I posted in this thread: https://community.jamf.com/t5/jamf-pro/jamf-app-catalog-install-failures/m-p/310318
Another related thread: https://community.jamf.com/t5/jamf-pro/jamf-app-catalog-mac-apps-not-installing/m-p/293891
I mainly use Installomator for patching - https://github.com/Installomator/Installomator.
This has worked the most effectively for me, by far. Sometimes the 'labels' will break because a vendor changed a download URL, etc. But most of the time when I discover a broken label (which it's good to setup SMTP in Jamf so you're getting emails on every single failed policy run), and I go to the Issues tab or Pull Requests tab on GitHub, someone has already come up with an easy fix I can copy and paste. And if you're halfway decent with scripting, it's usually pretty easy to fix yourself.
Other than that, it's been my experience that different tools are sometimes more optimal for different apps.
I see you mentioned patching Google Chrome. We use Installomator to deploy it initially (Chrome Enterprise) and then use Chrome Browser Cloud Management (CBCM) to enforce compliance of updates. Also a config profile to force people to sign-in with their work account so they get other Google Admin Chrome policies. But mainly leveraging CBCM to serve built-in notifications that Chrome needs to be updated (they can defer the update initially) and then eventually it force relaunches to complete the update. It's pretty much the consensus of the Installomator community that that is the ideal way. Google releases multiple versions of Chrome every week, sometimes even multiple versions in a single day (three versions came out yesterday for example). That's too much work to manually try and keep up with.
Adobe Apps - We use Installomator to keep Creative Cloud up-to-date and invoke the Remote Update Manager tool to keep all the suite apps + Acrobat/Reader updated. In my experience works WAY more effectively than Jamf App Catalog.
I do have many software titles loaded into Patch Management, but only so I can build smart groups around each software title, so I can then target them with policies, etc. (I,e only deploy Zoom Installomator auto-update policy to a smart group of computers that patch management shows have out-of-date Zoom.)
