Hello all!

This is something of a follow-up to a previous post of mine. We are starting the process of convincing our IT Security and Leadership teams that allowing our Macs to download OS updates from Apple is a better alternative to downloading/packaging/deploying the OS.app ourselves. To strengthen our case, I'm looking for resources to back up the claim that softwareupdate --fetch-full-installer is no longer recommended by Apple. I feel like I've heard from multiple people that the download/package method is going to be deprecated "soon" and that it can introduce problems that wouldn't be an issue if the Macs download the updates themselves, but I'm struggling to find any documentation from Apple or reputable third-parties on this. There's plenty on the how of managing OS updates via policy or mass action, but scant information as to why this method is superior to downloading and packaging it ourselves. Indeed, Jamf still recommends the download/package method for major OS releases.

So, if any of you excellent and admirable admins have any webpages or other resources handy that would help me bolster my arguments, I would really appreciate it! I've done my share of searching, but my Google-fu is coming up empty. Ideally there would be something from Apple or Jamf that indicates why, in clear language, packaging OS.app updates ourselves is Bad and Wrong, and why allowing the Macs to download the updates themselves is a better alternative.

Thanks, y'all!