HomeGuidesChangelog
Changelog
Back to All

CLI 6.34.4.0

April 17th, 2026

[6.34.4.0] - 2026-04-17

Changed

  • Upgraded Apache Airflow from 3.1.8 to 3.2.0, resolving CVE-2025-57735 (CRITICAL) and CVE-2026-34538 (MEDIUM)
  • Migrated all Airflow imports to use the namespace to eliminate deprecation warnings

Fixed

  • CLI descriptions for , , and now correctly reference STIG instead of GCP
  • CLI descriptions for , , , and command groups now correctly describe their respective integrations instead of referencing unrelated vendors
  • Removed duplicate registration that caused the command to appear twice in internal CLI wiring
  • SARIF compliance sync not updating control implementation status when the SSP uses an OWASP ASVS catalog; CWE-to-control mapping now targets ASVS verification requirement IDs instead of OWASP Top 10 category IDs
  • SARIF compliance sync setting passing controls to "Fully Implemented" instead of the intended "Planned" status
  • burp integration mapping issue

Added

  • CrowdStrike , , , and commands now support , , and for parallel job splitting via the Orchestration Hub
  • SARIF and commands now support , , and for parallel job splitting via the Orchestration Hub
  • GCP , , , , , and commands now support , , and for parallel job splitting via the Orchestration Hub
  • CCI model now exposes and foreign key fields for direct traceability to control objectives and test plans
  • eMASS Control Test Results workbook import via , aligned with the POAM workbook importer pattern
  • eMASS PPSM (Ports, Protocols, Services & Mgmt) workbook import via ; supports both Standard DoD and USN template formats with auto-detection
  • eMASS Hardware/Software inventory workbook import via ; processes Hardware and Software sheets in two phases with software-to-hardware parent linking
  • eMASS workbook type auto-detection via ; identifies PPSM, HWSW, POAM, Control Test Results, Control Info, and Security Categorization workbooks from sheet names and column signatures
  • eMASS Security Categorization Form import via ; updates SecurityPlan categorization fields and creates SystemRole records for RMF team members
  • eMASS importers (POAM, PPSM, HWSW, SecCat) now populate custom fields on RegScale records using field definitions from the target instance, maximizing data coverage beyond native model fields
  • eMASS importers auto-discover the correct API app scope when the current token cannot see the target SSP; supports (pre-scoped JWT), / credential probing, and aborts with a clear error if the SSP cannot be located