Add Darwin platform optimized miscellaneous columns

[Micah-Kolide]

This PR extends the optimized columns for the Darwin platform. I've split up the optimized changes into multiple PRs to make it easier to validate the table generation methods. I've only added tables where I believe and tested the generate methods support the IN optimization.

I've confirmed that the columns can support these changes by querying the tables with an IN constraint on the optimized columns. I validated the expected results by comparing returned values from osquery 5.13.1 (before IN optimization existed), 5.14.1, and 5.14.1 containing these spec file changes.

With each query I included a NULL, '' (empty string), and some non-existent values in my IN constraint.

Tests were ran on macOS Sequoia: Version 15.2 Beta (24C5079e).

[directionless]

Is username also optimized?

[Micah-Kolide]

I don't believe so as it appears the username is being set by only the first value from the username context, but the domain context is being iterated and appended to an array:

CFStringRef username = nullptr;
  if (context.constraints["username"].exists(EQUALS)) {
    auto users = context.constraints["username"].getAll(EQUALS);
    username = CFStringCreateWithCString(
        kCFAllocatorDefault, (*users.begin()).c_str(), kCFStringEncodingUTF8);
  }

CFMutableArrayRef app_map = nullptr;
  if (context.constraints["domain"].exists(EQUALS)) {
    // If a specific domain is requested, speed up the set of type conversions.
    auto domains = context.constraints["domain"].getAll(EQUALS);
    app_map = CFArrayCreateMutable(
        kCFAllocatorDefault, domains.size(), &kCFTypeArrayCallBacks);
    for (const auto& domain : domains) {
      auto cf_domain = CFStringCreateWithCString(
          kCFAllocatorDefault, domain.c_str(), kCFStringEncodingASCII);
      CFArrayAppendValue(app_map, cf_domain);
      CFRelease(cf_domain);
    }