HomeGuidesChangelog
Changelog
Back to All

CLI 6.29.17.0

February 12th, 2026

[6.29.17.0] - 2026-02-12

Added

  • Google BigQuery support for FedRAMP POAM import with table and query modes, including SQL injection protection, case-insensitive schema validation, configurable timeouts, performance monitoring, and dry-run mode for both BigQuery and Excel data sources
  • Azure Government Cloud support for Microsoft Defender Entra integration with FedRAMP-compliant endpoints (login.microsoftonline.us)
  • FedRAMP POAM import now supports Google Cloud Storage paths (gs://bucket/path/file.xlsx) with automatic file download and cleanup
  • FedRAMP POAM import dry-run mode (--dry-run) to analyze Excel workbook structure and output JSON metadata including sheet names, row counts, column headers, and data preview without importing
  • FedRAMP POAM import pagination support with --sheet-name, --offset, and --limit parameters for parallel processing of large Excel files
  • Backward-compatible and wrapper functions with deprecation warnings for pandas-dependent consumers
  • Security hardening for file downloads including URL scheme validation, path traversal prevention, and symlink resolution

Fixed

  • Tanium integration failing with "No scheme supplied" error when taniumUrl is not configured, now provides clear validation messages
  • Tanium sync_findings failing with 405 Method Not Allowed on ScanHistory creation, now handles API errors gracefully
  • FedRAMP Appendix A import incorrectly detecting unchecked control originations as checked, causing false positive "Service Provider Corporate" assignments and missed "Provided by Customer" detections
  • Tenable SC integration stability improvements including proper error handling, safe string parsing, and memory-efficient file processing
  • AWS IAM sync authentication failure when using GovCloud (us-gov-) or China (cn-) partition credentials
  • Compliance integration Unicode encoding errors in Windows console output (replaced checkmark/cross symbols with ASCII-safe alternatives)

Changed

  • Internal data processing now uses polars instead of pandas for improved performance and memory efficiency
  • now returns a polars DataFrame; use for backward compatibility (deprecated)
  • now returns a polars DataFrame; use for backward compatibility (deprecated)
  • now performs strict URL scheme validation and enhanced filename sanitization
  • DRF import now validates Excel section boundaries and handles malformed files gracefully
  • Tenable SC JSONL scanner refactored into focused modules for improved maintainability and shared code reuse
  • Removed misleading decorator from 35 tests that were already updated to use CloudTrailEvidenceConfig dataclass
  • Windows Unicode encoding errors causing hundreds of exceptions when rich logging library renders Unicode symbols (✓, ✗) on Windows consoles (REG-20100)
    • Added UTF-8 console encoding initialization for Windows platform in
    • Forces UTF-8 encoding for stdout/stderr with graceful error handling ()
    • Fixes all Unicode rendering issues across all CLI commands on Windows
  • AWS integration log spam with expected errors logged at ERROR level making it difficult to identify real errors
    • Added reusable function to for consistent error handling
    • Expected AWS errors (ValidationException, ResourceNotFoundException, AccessDeniedException, NoSuchEntity, InvalidParameterException) now logged at debug/warning level
    • Updated error handlers in , , , , , , and
    • Reduced ERROR-level log messages by ~90%, making real errors easily identifiable
  • AWS evidence services now create issues by default for failed control
    • Previously, these services only collected evidence without creating issues
    • To preserve the old behavior, explicitly pass flag
    • Example:
  • Refactored issues tests to follow common testing structure and added comprehensive BatchCreateOrUpdate test coverage
    • Reorganized test_issue.py into 6 focused test classes for better maintainability
    • Created test_issue_batch_operations.py with 17 new tests for BatchCreateOrUpdate API endpoint
    • Enhanced test_issue_handler.py with additional batch mode and server-side deduplication tests
    • All 58 tests now follow common patterns and provide ~95%+ coverage for batch operations
  • FedRAMP POAM import dry-run mode now validates module ID to catch configuration errors early
  • BigQuery row count queries use table metadata for instant results (table mode) and remove LIMIT clauses for accurate counts (query mode)