Changelog

[6.29.13.0] - 2026-01-23

Added

  • Unified severity mapper for consistent severity mapping across 17+ integrations
  • Asset and finding parser framework for configurable data transformation
  • Resilience patterns including circuit breaker, retry policies, and checkpoint manager
  • Observability framework with structured logging, metrics collection, and distributed tracing
  • Integration configuration manager for centralized settings management
  • Dynamic connection pool sizing that scales with thread configuration

Changes

  • GraphQL pagination now uses iterative approach instead of recursive for improved stability

Fixed

  • Fixed an issue with default config affecting config decryption/encryption

[6.29.7.6] - 2026-01-22

Fixed

  • Fixed requirements.txt to lock the package version
  • Set minimum versions for rich and typing-extensions to prevent pip dependency conflicts
  • Prisma Cloud scanner integration kwargs compatibility with ScannerIntegration base class
  • Prisma Cloud IntegrationFinding field mapping to use correct scanner_integration field names (affected_packages, installed_versions, fixed_versions)
  • Prisma Cloud Issue field population in RegScale UI (title, source identifier, identification, severity handling)
  • Prisma Cloud vulnerability parsing AttributeError when status field is None from API (502 parsing errors fixed)
  • Prisma Cloud integration now accepts non-CVE vulnerability identifiers (GHSA, PRISMA, GO, etc.) instead of rejecting them
  • Prisma Cloud AttributeError when status field contains enum object instead of string value during fix version extraction
  • Prisma Cloud warning about unable to map status value by passing string instead of enum to IntegrationFinding
  • Scanner integration status mapping now recognizes common vulnerability status values (fail/failed, active, new, fixed)
  • Removed unused frontend dependency to reduce transitive dependencies

[6.29.7.5] - 2026-01-21

Fixed

  • Fixed a conflict with the eMASS integration
  • Airflow container updated with a security patch
  • Fixed an issue causing Airflow DAGs to not load properly

[6.29.7.1] - 2026-01-20

Added

  • SSP cleanup CLI commands to delete issues and vulnerabilities with associated mappings
    • Delete all issues from an SSP with optional status filtering
    • Delete all vulnerabilities and mappings from an SSP
    • Supports dry-run mode, force flag, and progress feedback during bulk operations
  • Qualys CIS Benchmark report import with full POAM metadata support
    • New CLI command for importing CIS Benchmark compliance reports
    • Creates Issues with 5 POAM metadata fields (Original Risk Rating, Remediation Description, POA&M Comments, Asset Identifier, Affected Controls)
    • Creates Vulnerabilities from failed CIS controls with proper severity mapping
    • Optional control assessment creation with NIST 800-53 mapping via flag
    • Helper function in vmdr.py for programmatic issue creation
    • CIS compliance integration processor with heuristic control ID matching
    • Comprehensive unit tests for CIS report parsing and issue creation (14 tests covering parsing, de-duplication, POAM fields, and integration workflow)

Fixed

  • Qualys CIS report parsing now handles None/empty CSV field values without crashing
  • Qualys integration POAM metadata field handling
    • Asset identifier now uses newline-separated format per RegScale convention
    • POAM fields now persist correctly using two-step process (batch create + individual .save() calls)
    • Issue severity levels use simple format (Critical, High, Medium, Low) instead of FedRAMP format
  • Console output now uses ASCII characters instead of Unicode for Windows CMD compatibility
  • Qualys VMDR report import now supports configurable POAM fields for multi-tenant compatibility
    • and fields can be disabled via config for tenants without these fields
    • Configuration flags: and (both default to true)
  • Qualys batch operations now include retry logic for transient API failures
    • 3-attempt retry with exponential backoff (5s, 10s, 20s) for issue and vulnerability creation
    • Improved resilience for large imports with network interruptions
  • Qualys API rate limiting now supports Retry-After headers with adaptive backoff
    • Increased max retries from 3 to 5 for report fetching
    • Uses server-provided Retry-After header when available instead of fixed exponential backoff
  • Prisma Cloud integration type conversion errors with empty configuration values
    • Applied safe type conversion pattern across all 7 affected locations in scanner.py and cli.py
    • Empty string values in init.yaml for prismaApiTimeout, prismaApiRetries, prismaPageSize now use proper defaults (30, 3, 50)
    • Empty or None values for prismaVerifySsl now default to True (secure default)
    • Empty values for prismaDeduplicateFindings now properly disable deduplication
    • Comprehensive regression test suite (19 tests) validates edge case handling
  • Security vulnerabilities in core dependencies
    • Updated cryptography to >=43.0.0
    • Updated pyyaml to >=6.0
    • Updated requests to >=2.32.0 (ensures latest SSL/TLS security patches)
    • Dependency version constraints
    • Upgraded Python from 3.12 to 3.13
    • Upgraded Airflow from 3.1.3 to 3.1.6 to align with pyproject.toml
    • Pinned urllib3>=2.6.3
    • Pinned setuptools>=75.8.0
    • Removed unused git package from Airflow runtime image
    • Removed unused Airflow simple auth UI with vulnerable JavaScript packages
  • Security patches for system Python packages (pip, setuptools, jaraco.context)
  • Missing dependency for Wiz integration compliance features
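
The adaptive backoff described in the Qualys retry and rate-limiting items above, as an added example that is not RegScale's own code: a server-supplied Retry-After header (seconds or HTTP-date form) takes precedence, otherwise the 5 s / 10 s / 20 s exponential schedule applies, capped at 5 retries. The stubbed request function and its 429 responses are constructed for the demo.

```python
# Adaptive backoff for a rate-limited API: honour a server-supplied Retry-After
# header (seconds or HTTP-date form), else fall back to the 5 s / 10 s / 20 s
# exponential schedule. Added example, not RegScale's own code; the stubbed
# request() and its failure pattern in demo() are constructed.
import time
from email.utils import parsedate_to_datetime

BASE_DELAY = 5.0        # first exponential step (seconds)
MAX_REPORT_RETRIES = 5  # raised from 3 to 5 for report fetching
RATE_LIMITED = 429


def parse_retry_after(value, now=None):
    """Seconds to wait per a Retry-After header, or None if absent/unparseable."""
    if value is None:
        return None
    value = value.strip()
    if value.isdigit():
        return float(value)
    try:  # HTTP-date form, e.g. "Wed, 21 Oct 2015 07:28:00 GMT"
        when = parsedate_to_datetime(value)
    except (TypeError, ValueError):
        return None
    now = now if now is not None else time.time()
    return max(0.0, when.timestamp() - now)


def backoff_delay(attempt, retry_after=None, now=None):
    """Delay before retry number `attempt` (1-based); Retry-After wins."""
    hinted = parse_retry_after(retry_after, now)
    if hinted is not None:
        return hinted
    return BASE_DELAY * 2 ** (attempt - 1)  # 5, 10, 20, 40, 80


def fetch_with_retry(request, sleep=time.sleep, max_retries=MAX_REPORT_RETRIES):
    """Call request() until a non-429 response or retries are exhausted.
    request() must return (status, headers, body); returns (body, delays)."""
    delays = []
    for attempt in range(1, max_retries + 2):
        status, headers, body = request()
        if status != RATE_LIMITED:
            return body, delays
        if attempt > max_retries:
            break
        delay = backoff_delay(attempt, headers.get("Retry-After"))
        delays.append(delay)
        sleep(delay)
    raise RuntimeError(f"gave up after {max_retries} retries")


def demo():
    """Constructed server: 429 (Retry-After: 7), 429 (no header), then 200."""
    responses = iter([(429, {"Retry-After": "7"}, None), (429, {}, None),
                      (200, {}, b"report")])
    return fetch_with_retry(lambda: next(responses), sleep=lambda s: None)
```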

[6.28.0.1] - 2026-01-20

Summary

This release addresses issues identified in the 6.28.0.0 release related to database migrations impacting large and newly created databases. The fixes improve upgrade reliability, prevent blocking migrations, and ensure successful installation across all supported database scenarios.

Fixes

  • Resolved database migration issues affecting upgrades on large databases, particularly those with substantial LogEvents data.
  • Prevented blocking behavior caused by schema changes that could leave the database in an unusable state.
  • Fixed migration failures when installing or upgrading against a blank database (no existing LogEvents table).

Improvements

  • Added safeguards to conditionally apply online index operations only when supported and safe.
  • Introduced mitigation scripts to reduce excessive LogEvents data during upgrades, improving migration performance and reliability.
  • Improved validation and testing coverage across large, integration, and clean-install database scenarios.

[6.28.0.0] - 2026-01-15

Added

  • New drag-and-drop Workflow Designer experience
  • Workflow Template Library
  • Digital Signatures workflow action
  • Ability to preview a questionnaire without assigning it
  • New questionnaire question types including Yes/No, True/False, Number, Rating Scale, Likert Scale, URL, and Currency
  • Filters on the Report Builder listing page
  • Ability to assign questionnaire reviews to a group

Changed

  • Assessment Scorecard enhanced with five new views
  • Added Risk Assessment help text in the Risks module
  • Ability to delete fields in Form Builder
  • Condensed Statusboard designs for improved scannability
  • Restricted questionnaire reopening to questionnaire administrators only
  • Ability to reassign questionnaires
  • Improved visibility of question-level user assignment
  • Renamed Questionnaire Response Managed Uploads button to Upload File
  • Prevented question-level assignees from submitting questionnaires
  • Modernized and streamlined Newsfeed, Look Ahead, and Workbench experiences
  • Improved dashboard widgets and reporting experience
  • Ability to import and export Assessment Plans in bulk
  • Streamlined Line of Inquiry experience

Fixed

  • Improved button contrast in the unsaved changes modal
  • Fixed saving of custom fields
  • Corrected SPRS Scorecard behavior with CMMC Compliance Settings
  • Auto-Summarize now includes Inherited, Cloud Implementation, and Customer Responsibility fields
  • Ensured workflow emails send consistently
  • Enabled default Implementation Status and Control Origin selection for Catalog Templates
  • Allowed security plans to be children of other security plans when edited via API
  • Enabled hiding of the Maturity and Quality tab in Control Implementations via Form Builder
  • Updated Report Builder to reflect Form Builder field name changes
  • Removed need to refresh when switching RegScale instances
  • Corrected System Implementation export order in Appendix A
  • Fixed Security Plan scorecard calculation for Parts
  • Corrected Compliance Rollup mappings for CMMC settings
  • Fixed Response Automation exports
  • Displayed human-readable questionnaire response statuses in Report Builder
  • Prevented required checkbox fields in Form Builder
  • Fixed Export Builder template uploads
  • Enabled automatic scaling of Form Section Headers
  • Fixed Vulnerabilities selection in the navigation panel
  • Corrected sorting by asset count on the vulnerability scorecard
  • Prevented null values and slashes in Form Builder section names
  • Fixed Vulnerability Statusboard filtering across full data sets
  • Displayed empty custom fields correctly in Report Builder
  • Fixed RegML Policy Generator behavior
  • Allowed commas in questionnaire prompt list values
  • Enabled target risk scores greater than 1 in the Risk module
  • Corrected export options shown in the Catalog export modal
  • Allowed saving of hidden fields that contain data
  • Cleaned up required fields in the Assessment module
  • Improved Organization status toggle behavior
  • Fixed typo in the RegML Rich Text Editor
  • Corrected questionnaire response export alignment
  • Fixed Catalog import for NRC RG 5.71 Rev. 1
  • Enabled Update Assigned Instances in the Questionnaires module
  • Fixed api/scanHistory/getAllByParentRecursive endpoint
  • Corrected Configuration Check Status badging in the Assets module
  • Added support for special characters in usernames
  • Fixed questionnaire email delivery
  • Corrected questionnaire endpoints in Swagger documentation
  • Fixed Policy Template Editor display after saving
  • Removed need to refresh after adding Control Implementations to Security Plans
  • Fixed Catalog count display on the Security Profiles Mappings tab
  • Enabled adding Risk Treatments in the Risk module
  • Corrected help text display in the Security Plan Cockpit
  • Enforced sequential Catalog imports
  • Fixed selecting existing options for Component Control Implementations
  • Corrected Other Compliance Rollup value behavior
  • Fixed unsaved changes detection in the Data Subsystem
  • Improved eMASS POA&M export handling for missing Security Checks
  • Ensured associated Wayfinders are deleted with Security Plans
  • Corrected Workbench counts
  • Enabled cursor focus anywhere within Rich Text fields
  • Updated Evidence Forms after backend changes
  • Fixed Security Plan Evidence report data
  • Enabled search for terms shorter than four characters
  • Fixed account confirmation email links
  • Improved export warning messages for invalid file types
  • Enforced Control ID uniqueness in the Security Controls module
  • Ensured Organization endpoint returns Organization ID
  • Fixed /api/evidence/getEvidenceSecurityPlan/{intID} endpoint
  • Fixed /api/evidence/getEvidenceByDate/{intDays} endpoint
  • Corrected required field handling on CAP Tasks Boards
  • Hid CMMC fields in the Policy module when CMMC is disabled
  • Fixed /api/config/purgeLogs endpoint behavior
  • Applied various security updates and patches
  • Applied various application performance improvements

[6.29.6.1] - 2026-01-15

Added

  • Batch operations now correctly send isPublic field to server, fixing RBAC visibility issues on newly created issues and vulnerabilities
  • Batch retry logic automatically retries failed batches individually to prevent data loss
  • FedRAMP test method defaults (Examine, Interview, Test) now automatically loaded from OSCAL catalogs into control test plans
    • New testMethod field on ControlTestPlan model with validation for valid test methods
    • OSCAL catalog parser extracts test methods from FedRAMP High Rev5 baselines
    • CLI command for importing test method mappings
    • Catalog import process automatically populates test method defaults during updates
  • CausalAnalysis model implementation with complete getList endpoint and CRUD functionality for root cause analysis tracking
  • Airflow DAG for OpenText WebInspect scanner integration

Fixed

  • API URL construction for http:// domains broken by eMASS integration changes
  • QRadar compliance assessment now creates issues by default
  • QRadar POAM creation for failed assessments now properly populates all required fields
    • Description field uses HTML formatting instead of unformatted Markdown text
    • Related Controls field populated with comma-separated control IDs
    • Asset Identifier field populated with AWS Account ID
    • Recommended Actions field populated with HTML-formatted remediation steps
    • Date First Detected field populated with current date
    • POA&M Comments field populated with assessment metadata including date first detected
  • eMASS XML import now uses standard RegScale model patterns for creating Issues and SecurityPlans
  • DNS name validation added to vulnerability creation to prevent API rejection of invalid DNS formats
  • Prisma Cloud CLI commands ImportError preventing access to authenticate, sync_hosts, sync_images, and sync_sbom commands
  • Qualys integration
    • Policy import now correctly extracts title and metadata from FO API export format (TITLE vs policyName fields)
  • Assessment Details formatting now displays correctly without excessive whitespace and empty tables across all compliance integrations
    • Fixed systemic HTML rendering issue in base ComplianceIntegration class and all derived integrations
    • Removed literal newline characters () from HTML description generation that broke table and list rendering
    • AWS Audit Manager, AWS Config, GuardDuty, IAM, KMS, Org, and evidence generators now render HTML properly
    • QRadar Query Events assessments now display HTML tables and sections correctly
    • GCP compliance assessments now render without whitespace corruption
    • "Failed Resources" tables and other HTML content now display all data correctly in UI
    • Affects 15+ integration files with consistent fix pattern
  • Prisma Cloud SBOM tar.gz extraction security enhancements
    • Added archive format validation before extraction to prevent corrupted file processing
    • Implemented resource consumption limits (1GB file size, 10,000 member count) for zip bomb protection
    • Enhanced path traversal protection with comprehensive validation
    • Added symbolic and hard link filtering to prevent symlink attacks
    • Python 3.12+ data filter support with fallback for older versions
    • Refactored extraction logic into focused helper functions reducing cognitive complexity from 20 to <15
    • Added NOSONAR suppression for validation function with detailed security explanation
  • Fixed CI/CD flow issue
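
The SBOM tar.gz extraction hardening listed above, as an added example that is not RegScale's own code: format validation, the 1 GB size and 10,000-member ceilings, path traversal checks, symlink/hardlink filtering, and the Python 3.12+ data filter with a fallback for older interpreters. The sample archive built in `build_sample_archive` is constructed for the demo.

```python
# Hardened tar.gz extraction applying the controls listed above. Added example,
# not RegScale's own code; the 1 GB / 10,000-member limits are the changelog's.
import io
import tarfile
import tempfile
from pathlib import Path

MAX_ARCHIVE_BYTES = 1 * 1024 ** 3  # on-disk archive size ceiling
MAX_MEMBERS = 10_000               # member-count ceiling (zip-bomb guard)

def is_safe_member(member, dest):
    """True only for regular files/dirs whose resolved path stays under dest."""
    if member.issym() or member.islnk():
        return False  # links could point at or overwrite files outside dest
    if not (member.isfile() or member.isdir()):
        return False  # devices, FIFOs etc. have no business in an SBOM bundle
    target = (dest / member.name).resolve()
    return target == dest or dest in target.parents

def safe_extract(archive, dest):
    """Extract vetted members of a .tar.gz into dest; return their names."""
    archive, dest = Path(archive), Path(dest).resolve()
    if not tarfile.is_tarfile(archive):
        raise ValueError("not a valid tar archive")
    if archive.stat().st_size > MAX_ARCHIVE_BYTES:
        raise ValueError("archive exceeds size limit")
    dest.mkdir(parents=True, exist_ok=True)
    with tarfile.open(archive, "r:gz") as tar:
        members = []
        for index, member in enumerate(tar):  # headers are read lazily
            if index >= MAX_MEMBERS:
                raise ValueError("archive exceeds member-count limit")
            if is_safe_member(member, dest):
                members.append(member)
        # Python 3.12+ (and backports) expose the data filter: second line of defence
        extra = {"filter": "data"} if hasattr(tarfile, "data_filter") else {}
        tar.extractall(dest, members=members, **extra)
    return [m.name for m in members]

def build_sample_archive(tmp_dir):
    """Constructed sample: a benign file, a traversal member and a symlink."""
    archive = Path(tmp_dir) / "sbom.tar.gz"
    link = tarfile.TarInfo("sbom/link")
    link.type, link.linkname = tarfile.SYMTYPE, "/etc/passwd"
    with tarfile.open(archive, "w:gz") as tar:
        for name, data in [("sbom/bom.json", b'{"bomFormat": "CycloneDX"}'),
                           ("../escape.txt", b"x")]:  # second would escape dest
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
        tar.addfile(link)
    return archive

def demo(tmp_dir=None):
    """Extract the constructed sample and report what did and did not land."""
    tmp_dir = Path(tmp_dir or tempfile.mkdtemp())
    dest = tmp_dir / "out"
    extracted = safe_extract(build_sample_archive(tmp_dir), dest)
    return {
        "extracted": extracted,
        "content": (dest / "sbom" / "bom.json").read_bytes(),
        "escaped": (tmp_dir / "escape.txt").exists(),
        "link_created": (dest / "sbom" / "link").is_symlink(),
    }
```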

Changed

  • Increased batch sizes from 100 to 1000 for assets, issues, and vulnerabilities for improved sync performance
  • Removed http.client dependency from eMASS client configuration to eliminate CVE-2025-13836 association
  • PDF text extraction now uses pypdfium2 (Chrome PDFium engine) for improved performance and reliability
  • Trivy, Grype, OpenText, Snyk, and Veracode scanner commands now use and options instead of and (breaking change)
  • Airflow DAGs for Trivy and Grype updated to use and parameters
  • S3 access for scanner integrations now supports config credentials (awsAccessKey, awsSecretKey, awsRegion) when AWS profile is unavailable
  • Code formatting migrated from black to ruff for faster formatting and linting
  • Build system modernized to use pyproject.toml exclusively, removing setup.py dependency
  • eMASS API client now uses httpx instead of urllib3 for improved performance and modern HTTP handling
  • QRadar API client migrated from requests/urllib3 to httpx for improved performance and modern HTTP handling

[6.29.6.0] - 2026-01-15

Added

  • Batch operations now correctly send isPublic field to server, fixing RBAC visibility issues on newly created issues and vulnerabilities
  • Batch retry logic automatically retries failed batches individually to prevent data loss
  • FedRAMP test method defaults (Examine, Interview, Test) now automatically loaded from OSCAL catalogs into control test plans
    • New testMethod field on ControlTestPlan model with validation for valid test methods
    • OSCAL catalog parser extracts test methods from FedRAMP High Rev5 baselines
    • CLI command for importing test method mappings
    • Catalog import process automatically populates test method defaults during updates
  • CausalAnalysis model implementation with complete getList endpoint and CRUD functionality for root cause analysis tracking
  • Airflow DAG for OpenText WebInspect scanner integration

Fixed

  • API URL construction for http:// domains broken by eMASS integration changes
  • QRadar compliance assessment now creates issues by default
  • QRadar POAM creation for failed assessments now properly populates all required fields
    • Description field uses HTML formatting instead of unformatted Markdown text
    • Related Controls field populated with comma-separated control IDs
    • Asset Identifier field populated with AWS Account ID
    • Recommended Actions field populated with HTML-formatted remediation steps
    • Date First Detected field populated with current date
    • POA&M Comments field populated with assessment metadata including date first detected
  • eMASS XML import now uses standard RegScale model patterns for creating Issues and SecurityPlans
  • DNS name validation added to vulnerability creation to prevent API rejection of invalid DNS formats
  • Prisma Cloud CLI commands ImportError preventing access to authenticate, sync_hosts, sync_images, and sync_sbom commands
  • Qualys integration
    • Policy import now correctly extracts title and metadata from FO API export format (TITLE vs policyName fields)
  • Assessment Details formatting now displays correctly without excessive whitespace and empty tables across all compliance integrations
    • Fixed systemic HTML rendering issue in base ComplianceIntegration class and all derived integrations
    • Removed literal newline characters () from HTML description generation that broke table and list rendering
    • AWS Audit Manager, AWS Config, GuardDuty, IAM, KMS, Org, and evidence generators now render HTML properly
    • QRadar Query Events assessments now display HTML tables and sections correctly
    • GCP compliance assessments now render without whitespace corruption
    • "Failed Resources" tables and other HTML content now display all data correctly in UI
    • Affects 15+ integration files with consistent fix pattern
  • Prisma Cloud SBOM tar.gz extraction security enhancements
    • Added archive format validation before extraction to prevent corrupted file processing
    • Implemented resource consumption limits (1GB file size, 10,000 member count) for zip bomb protection
    • Enhanced path traversal protection with comprehensive validation
    • Added symbolic and hard link filtering to prevent symlink attacks
    • Python 3.12+ data filter support with fallback for older versions
    • Refactored extraction logic into focused helper functions reducing cognitive complexity from 20 to <15
    • Added NOSONAR suppression for validation function with detailed security explanation

Changed

  • Increased batch sizes from 100 to 1000 for assets, issues, and vulnerabilities for improved sync performance
  • Removed http.client dependency from eMASS client configuration to eliminate CVE-2025-13836 association
  • PDF text extraction now uses pypdfium2 (Chrome PDFium engine) for improved performance and reliability
  • Trivy, Grype, OpenText, Snyk, and Veracode scanner commands now use and options instead of and (breaking change)
  • Airflow DAGs for Trivy and Grype updated to use and parameters
  • S3 access for scanner integrations now supports config credentials (awsAccessKey, awsSecretKey, awsRegion) when AWS profile is unavailable
  • Code formatting migrated from black to ruff for faster formatting and linting
  • Build system modernized to use pyproject.toml exclusively, removing setup.py dependency
  • eMASS API client now uses httpx instead of urllib3 for improved performance and modern HTTP handling
  • QRadar API client migrated from requests/urllib3 to httpx for improved performance and modern HTTP handling

[6.27.5.2] - 2026-01-13

Changes

  • N/A

Fixes

  • Resolved an issue customers were experiencing with SSO OAuth login via Entra ID and Okta, where Email, FirstName, or LastName was required in the SSO claim.

[6.27.5.1] - 2026-01-10

Changes

  • Updated database compatibility to remove unintended dependencies introduced in the previous release, ensuring broader support across supported SQL Server editions.

Fixes

  • Resolved an issue where the 6.27.4.0 release introduced a hard dependency on SQL Server Enterprise Edition, restoring compatibility with supported non-Enterprise editions.
  • Fixed a migration failure related to the CVE column that could cause upgrade issues in the current release.