github HotCakeX/Harden-Windows-Security WDACConfigv0.2.4
WDACConfig module update v0.2.4

TL;DR

This update improves the overall experience of the WDACConfig module, makes it easier to work with and implements various new checks to ensure user error is minimal. The goal is to minimize accidental user errors as much as possible by implementing useful and intelligent checks in multiple parts of the module.


What's Changed

  1. When using Deploy-SignedWDACConfig to sign and deploy a WDAC policy, you will see the prompt asking to add the signed policy to the user configurations only if the policy you are signing and deploying is a base policy.
  2. Improved Temp folder path detection to be more secure and resilient.
  3. Improved User profile directory detection to be more secure.
  4. In the New-SupplementalWDACConfig cmdlet, changed the parameter name -FilePathWildCards to -PathWildCards to better reflect its purpose.
  5. In the New-SupplementalWDACConfig cmdlet, changed the parameter name -WildCardPath to -FolderPath to better reflect its purpose.
  6. Added a GUI for New-SupplementalWDACConfig -PathWildCards -Path. It automatically adds a * wildcard at the end of the path, and you can add extra wildcards anywhere in the selected folder path too.
  7. Made the generated policy file names and policy names consistent across all of the WDACConfig module's cmdlets.
  8. When using the -Deploy parameter with the New-SupplementalWDACConfig cmdlet, if the selected base policy is a Signed policy, you will see an error stating that you should use the Deploy-SignedWDACConfig cmdlet to deploy Signed policies.
  9. Removed the manual MDAV scan of the UserConfigurations.json file since Defender already scans all of the files on access.
  10. Relocated some of the parameters of the Set-CommonWDACConfig cmdlet to be easier to work with.
  11. Improved some console output spacing for New-WDACConfig cmdlet.
